SonicWALL IPS not smart enough. Was: KB938464 = No RDP


Just catching on to this one, but it looks like KB938464 keeps MSTSC from connecting from the outside. That’s all I know so far, but if you’re seeing this too, you’re not alone. I’ll update this when I have more info.

Edit: Turns out this has nothing to do with KB938464 and everything to do with SonicWALL’s IPS. This little eager beaver got an update recently that told it to block 3389, sometimes. When feels like it. My favorite quote is, “This SonicWALL signature can detect normal terminal services traffic, and may be enabled for detection. “

Gnnngggg. Wrong. No it can’t (detect normal terminal services traffic.)

So this explains why my clients’ servers have been sporadically not responding to my terminal service requests. Way to go SonicWALL.