All Products
Search

This Product

    :Unable to connect Windows instances

    Document Center

    :Unable to connect Windows instances

    Last Updated:Jun 07, 2021

    Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

    Problem description

    The user cannot connect to a Windows instance.

    Cause

    There are many reasons why you cannot connect to a Windows instance, which may cause connection failures. Common causes of issues are listed here. The causes shall be subject to the on-site troubleshooting results.

    • The firewall configuration is abnormal.
    • The remote access port is incorrectly configured.
    • The CPU load is too high.
    • The Internet rules of the security group are incorrect.
    • The ECS instance was not restarted after the management terminal password was modified.
    • An error occurred while mounting the data disk.
    • The local network on the client is abnormal.
    • The backbone network of the carrier is abnormal.
    • Network interface controller configuration issues.

    Solution

    Alibaba Cloud reminds you that:

    • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
    • If you modify the configurations and data of instances including but not limited to ECS and RDS instances, we recommend that you create snapshots or enable RDS log backup.
    • If you have authorized or submitted security information such as the logon account and password in the Alibaba Cloud Management console, we recommend that you modify such information in a timely manner.

    The troubleshooting of unable to connect ECS instance is as follows:

    1. Use the management terminal to log on to the instance.
    2. Check whether the local network of the client is normal.
    3. Check whether the instance is not restarted after the instance password is reset.
    4. Check whether the firewall configuration is normal.
    5. Check whether the Internet rules of the security group are normal.
    6. Check whether the remote access port is properly configured.
    7. Check whether the CPU load is too high.
    8. Try to restart the instance

    Step 1: log on to the instance by using the management Terminal

    If you cannot connect to the instance remotely for any reason, try to use the remote connection function provided by Alibaba Cloud to make sure that the instance is still responding and is not completely down, and then troubleshoot the fault by reason.

    1. Log on to the ECS console. In the left-side navigation pane, choose instances> remote connection.
    2. When you connect to the instance for the first time or forget the password, clickchange the VNC connection passwordto modify the password for the remote connection.
    3. Then, connect to the instance by using the remote connection password.

    Step 2: Check whether the local network of the client is abnormal.

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Symptoms

    The user cannot connect to the internet locally.

    Cause

    Network interface controller driver is not enabled or a network interface controller configuration error occurs.

    Solution

    Use the management terminallog on to the instance, check the network interface controller driver, and if it is abnormal, reinstall it.

    Step 3: Check whether the instance is not restarted after the instance password is reset

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Symptoms

    There are instance password modification records, but no instance restart records.

    Cause

    The instance password is changed but the instance is not restarted.

    Solution

    1. Log on to the ECS console. In the left-side navigation pane, choose instances.
    2. At the top of the page, select a region and choose more > Instance status > Restart the instance and click OK.

    Step 4: Check whether the firewall configuration is normal.

    Tips: This article takes Windows 2008 and 2012 systems as an example.

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Prerequisites

    You can perform this troubleshooting only when you have been authorized to disable the firewall.

    Symptoms

    The remote connection fails. The connection will be restored after you disable the firewall.

    Solution

    Modify the firewall configuration policy. For more information, seehow to configure a firewall for remote connection to a Windows instance. After the operation is completed, connect to the instance again to confirm that the connection is successful.

    Step 5: Check whether the Internet rules of the security group are normal.

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Symptoms

    The ECS instance cannot be pinged. It still cannot be pinged after Iptables and network interface controller IP configuration problems are eliminated and the system is rolled back.

    Cause

    The default Internet rules of the ECS instance security group have been deleted.

    Solution

    Reconfigure the public network rules of the security group for the ECS instance. For more information, seethe default public network rules of the ECS instance security group cannot be pinged when the default public network rules are deleted.

    Step 6: Check whether the remote access port is configured normally

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Symptoms

    The remote access port is not the default port.

    Solution

    • The remote port number of the Windows instance is out of the value range. In this case, you must change the port number to 0 to 65535 without any occupied ports.
      1. Log on to the instance and select start > Run, enter regedit, and then click confirm.
      2. Open the registry editor and choose #server\wds\ rdpwd \TDs \TCP.
      3. Double-click the PortNumber click decimal, a new course is developed, which combines original port by the "113322" shall be modified as between 0 and 65535 and not to the current port conflict and those of the ports, e.g., 5588, etc., Port.
        Note: "113322" is the port number displayed on the right of PortNumber.
      4. Then, open the parameter server.
      5. Double-click PortNumber, click decimal, and change the original port "113322" to the same as the port number in step 3.
      6. Then, restart the host to confirm that the remote connection is successful.
    • Caused by remote port modification. After modifying the default port 3389 for remote connection, you need to add an IP address and a port number for Remote Desktop Connection.

    Step 7: Check whether the CPU load is too high

    Confirm whether the fault phenomenon exists. If it does, follow this step to solve the problem. If it does not exist, go to the next step.

    Symptoms

    The system cannot connect remotely due to high CPU load.

    Solution

    • If anti-virus software is executed in the background, upgrade anti-virus software to the latest version or delete it directly.
    • Use anti-virus software commercial edition or use Microsoft Safety Scanner free Microsoft security tools to scan anti-virus software in security mode. For more information, see the following link.
      https://www.microsoft.com/security/scanner/zh-cn/default.aspx
    • Check whether the CPU load is too high and whether Windows Update is being performed in the background.
    • Run Windows Update to install the latest Microsoft security patch.
    • High CPU load is a normal result if the application needs a large amount of disk access, network access, and high computing. You can try to upgrade the instance specification to solve the resource bottleneck problem.
    • For solutions to high CPU load, seesolution to high CPU usage of Windows ECS instances.

    Step 8: try to restart the instance

    If you cannot connect to the instance by using the remote connection function provided by Alibaba Cloud, restart the instance. A restart operation will stop your instance from running and interrupt business. Exercise caution when performing this operation.

    Note: before restarting an instance, you must create a snapshot for the instance to back up data or create an image. For more information about how to create a snapshot, see create a snapshot.

    1. Log on to the ECS console. In the left-side navigation pane, choose instances.
    2. At the top of the page, select a region and choose more > Instance status > Restart the instance and click OK.

    Application scope

    • ECS