From a fully patched Windows 11 client, connecting to a fully patched Windows Server 2022 returns this error: CredSSP error
I tried setting HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system\CredSSP\Parameters!AllowEncryptionOracle to 2, and tried the same via Group Policy, etc.
Client and server are joined to the same domain and separated by SD-WAN, communication isn't firewalled.
Wireshark trace on the client reveals a reply from the server stating: "failureCode: Server requires Enhanced RDP Security with CredSSP (0x00000005)"
Any proposal is appreciated.
Addendum:
I have tried to compare Wireshark traces from a healthy and an unhealthy client. The last two bytes for the target server are: 101.16. The unhealthy client's last two bytes are: 1.8 and the last two bytes for the healthy client are: 105.201. I am attaching two screenshots - the 1st screenshot shows the healthy client (light UI of Wireshark) on the left and the first negotiate request of the unhealthy client (dark UI of Wireshark) on the right. The second screenshot shows the second attempt of the unhealthy client to re-negotiate the connection.
Healthy (left) and unhealthy (right) clients comparison
2nd negotiation attempt of unhealthy client
Please note that the 2nd negotiation attempt of the unhealthy client contains CredSSP bit = 0. Why that is so is beyond my understanding.
Addendum 2
OK, after a bit more testing, I got the following result (on a different target server, as the server 101.16 isn't domain-joined):
- Connecting to a domain-joined server (FQDN) with domain account - OK
- Connecting to a domain-joined server (IP addr.) with local account - NOT OK
- Connecting to a domain-joined server (FQDN) with local account - NOT OK
NOT OK, meaning I am always getting the CredSSP error.
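The negotiation fields discussed in the post above (the CredSSP bit in the client's request and failureCode 0x00000005 in the server's reply) can be decoded from the raw X.224 connection request/confirm bytes copied out of a capture. The following is an added example, not part of the original post; the constants follow MS-RDPBCGR, the function names are illustrative, and the sample PDUs are constructed rather than taken from the poster's trace.

```python
import struct

# Constants from MS-RDPBCGR (RDP Negotiation Request / Response / Failure).
PROTOCOLS = {0x1: "PROTOCOL_SSL", 0x2: "PROTOCOL_HYBRID",
             0x4: "PROTOCOL_RDSTLS", 0x8: "PROTOCOL_HYBRID_EX"}
FAILURES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
            3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
            5: "HYBRID_REQUIRED_BY_SERVER",
            6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}
NEG_TYPES = {1: "RDP_NEG_REQ", 2: "RDP_NEG_RSP", 3: "RDP_NEG_FAILURE"}
X224_CODES = {0xE0: "connection request", 0xD0: "connection confirm"}

def parse_negotiation(tpkt: bytes) -> dict:
    """Decode the RDP negotiation block of a TPKT-framed X.224 CR/CC PDU."""
    if len(tpkt) < 11 or tpkt[0] != 3:
        raise ValueError("not a TPKT-framed X.224 PDU")
    (length,) = struct.unpack(">H", tpkt[2:4])
    pdu = X224_CODES.get(tpkt[5] & 0xF0)
    if pdu is None or length > len(tpkt):
        raise ValueError("not a complete connection request/confirm")
    payload = tpkt[11:length]            # skip TPKT (4) + X.224 header (7)
    if payload.startswith(b"Cookie:"):   # optional cookie / routing token
        end = payload.find(b"\r\n")
        if end < 0:
            raise ValueError("unterminated cookie")
        payload = payload[end + 2:]
    if len(payload) < 8:                 # no negotiation data in this PDU
        return {"pdu": pdu, "type": None, "value": None, "meaning": []}
    neg_type, _flags, neg_len, value = struct.unpack("<BBHI", payload[:8])
    if neg_type not in NEG_TYPES or neg_len != 8:
        raise ValueError("malformed negotiation structure")
    if neg_type == 3:
        meaning = [FAILURES.get(value, "unknown failure code")]
    else:  # protocol field: 0 means standard RDP security, otherwise flag bits
        meaning = [n for b, n in PROTOCOLS.items() if value & b] or ["PROTOCOL_RDP"]
    return {"pdu": pdu, "type": NEG_TYPES[neg_type], "value": value,
            "meaning": meaning}

def offers_credssp(parsed: dict) -> bool:
    """True if a negotiation request has the CredSSP (PROTOCOL_HYBRID) bit set."""
    return parsed["type"] == "RDP_NEG_REQ" and bool(parsed["value"] & 0x2)

# Constructed sample PDUs (not taken from the poster's capture).
REQ_CREDSSP = bytes.fromhex("030000130ee00000000000" "010008000b000000")
REQ_TLS_ONLY = bytes.fromhex("030000130ee00000000000" "0100080001000000")
FAILURE_5 = bytes.fromhex("030000130ed00000123400" "0300080005000000")
```

In Wireshark, the bytes to feed in are the TPKT payload of the first client and server packets on TCP 3389 (right-click the TPKT layer and copy as a hex stream, then pass it through `bytes.fromhex`).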