Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 18414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 (latest updates) RDP is requesting UDP port 3389 traffic

Mokaz

Hi all,

Since i have recently updated my main Windows 10 workstation, I've got some RDP dropped connections. The connection drops for 2 seconds and reconnect. A quick wireshark analysis revealed that the RDP protocol is requesting UDP port 3389 traffic to the target RDP server.

As per Sophos UTM, the RDP protocol definition is TCP:3389 (which is also what I've had in mind).

Did anyone saw such behaviors ? I'm pretty reluctant to add TCP & UDP port 3389 for my RDP rules. Although i'll test this now to acknowledge if that is counter measuring my issues...

Thanks,
Regards,
M.



This thread was automatically locked due to age.
  • 0

    Well something is strange indeed because there is not a single packets on UDP originating from my RDP sessions to any RDP servers target (as per wireshark, RST flagged frames are all TCP) but Sophos UTM 9.401-11 show some UDP:3389 traffic from my host to the RDP servers (in the default DROP of course...)

    Any comments would be welcome,
    Cheers,
    M.

  • 0

    Nevermind, found the root cause:

    ASIX AX88179 USB 3.0 to Gigabit Ethernet Adapter Drivers v1.16.13.0 & a TRENDnet adpater TU3-ETG (Version v1.0R) seems to be the issue. Couldn't get at the bottom of it yet though, just found out that on my WiFi adapter there is no such issues..

    Any one with the same adapter ?

    Thanks,
    Regards,
    M.