Windows 7 users are unable to launch Juniper Terminal Services connections after Windows update MS KB2830477 is installed on the client PC and the remote host is configured with FQDN instead of IP address.
Windows 8.x clients may experience similar issues launching Juniper Terminal Services connections due to recent updates to Microsoft RDP client, which conflict with the Juniper Terminal Services client.
Problem or Goal:
After installing MS KB2830477 on a Windows 7 32-bit or 64-bit PC, Juniper Secure Access Gateway users are unable to launch Juniper Terminal Services bookmarks if the remote host is configured with FQDN. The issue also occurs for user created Terminal Services (TS) sessions if the session is configured to use the FQDN of the remote host. When a secure access remote user clicks on a TS bookmark, or attempts to initiate an RDP session with a remote host by entering the remote host name in the Remote Desktop Launcher address bar, the session fails to launch with Windows error "Juniper Terminal Services client has stopped working". The user will see the following error message:
Microsoft has recently released new Remote Desktop Services features available by default in Windows 8.1. Windows 7 clients can install MS KB2830477 which has the same new RDP features. On both Windows 7 and Windows 8 client PC's running the updated RDP client, Juniper Terminal Services stops working.
Microsoft's article describes the Remote Desktop Connection (RDC) 8.1 client update that enables you to use the new Remote Desktop Services features. These features were introduced in Windows 8.1 and Windows Server 2012 R2, and are now available for computers that are running Windows 7 Service Pack 1 (SP1).
The fix for this issue is in IVE OS 7.4R7 which is scheduled for release on or around December 1, 2013.
If upgrading to IVE OS 7.4R7 is not an immediate option, the following workarounds can be implemented:
MS KB2830477 is an "optional" update from Windows Automatic Updates and can be deselected from being installed during the update installation process.
If the update is already installed on Windows 7 clients, uninstall MS KB2830477 from the client PC.
If the update cannot be uninstalled or if the affected client is running Windows 8.1, configure the Juniper Terminal Service bookmarks on the Juniper SA or MAG Series device to connect using an IP address for the remote host instead of FQDN. If IP address is used, remote access users can launch Juniper Terminal Services client connections with MS KB2830477 installed and the crash does not occur.
If users access Juniper Terminal Services remote hosts using the RDP Launcher from the Secure Access Gateway bookmark page, provide them with the IP address for any remote host they normally connect to by FQDN and have them update their bookmarks accordingly.