How to Troubleshoot RDP Speed / Lag / Disconnect Issues

If users are reporting slowness, lag or disconnect problems, below are items to consider.

QUESTIONS TO HELP ISOLATE ISSUE

Is the problem affecting just one user or all users connecting from different locations into the same network?
If affecting just one user, focus on end user home network and internet connectivity (review the LATENCY & OPTIMIZE RDP sections below)
If affecting all users, focus on office network and related problems (review the first 5 sections below)


For best user experience, TruGrid recommends using TruGrid Windows or Mac Connectors instead of Web Connector. See here for details.

STEPS TO TROUBLESHOOT

ARCHITECTURE:
Is the server that the TruGrid Sentry Agent is installed on the same network as the RDP host that you are trying to connect to? If not, this will create lag and you should consider installing the TruGrid Secure Connect Agent onto that endpoint instead (see SECURE CONNECT section below).


TRUGRID SENTRY & RDP SERVER CAPACITY:
Does the server hosting the TruGrid Sentry Agent have enough available RAM & CPU power?
Since this server is brokering RDP connections to AD-joined machines, any overloading of this server will negatively impact the RDP performance that users experience. TruGrid recommends that a server hosting TruGrid has at least 8GB RAM and 2 CPUs and both the RAM and CPU must not be over 70% utilized.
Is the RDP host well-sized for RAM, CPU, and disk IOPS?
Please review this article from Microsoft on tuning RDP host.


BANDWIDTH:
Does the internet connection that the TruGrid Sentry Agent is using for outbound access have sufficient available bandwidth?
Does the internet line the user is connecting FROM have sufficient outbound available bandwidth (see LATENCY section below)?
Can the user test using a Cellular WIFI hotspot to isolate if the problem is related to their home Internet conection?
See further bandwidth planning instructions here.


APPLICATION INTERFERENCE & DISCONNECTS
TruGrid has observed disconnect issues in environments using aggressive Endpoint Detection and Response (EDR) solutions, such as Sentinel ONE, Cylance, Crowdstrike, and others; including firewalls with web filtering, IPS and IDS products. If you are using such products, please try the below steps to help isolate or remediate the problem.
If using TruGrid Sentry:
Configure your AV / EDR to whitelist the C:\Program Files\TruGrid\Sentry folder
Configure your AV / EDR to whitelist the these two processes C:\Program Files\TruGrid\Sentry\TruGrid Sentry.exe and C:\Program Files\TruGrid\Sentry\TruGrid Sentry Health Monitor.exe
If you need to whitelist using a HASH, you can use the below commands within PowerShell
certutil -hashfile 'C:\Program Files\TruGrid\Sentry\TruGrid Sentry.exe' md5
certutil -hashfile 'C:\Program Files\TruGrid\Sentry\TruGrid Sentry Health Monitor.exe' md5

If using TruGrid SecureConnect:
Configure your AV / EDR to whitelist the C:\Program Files\TruGrid\Secure Connect folder
Configure your AV / EDR to whitelist the this processes TruGrid.SecureConnect.exe
Configure your Firewall web filder / IPS / IDS and EDR to allow outbound access to TruGrid IPs.


GEOGRAPHIC ROUTING OPTIMIZATION:
TruGrid automatically routes Secure RDP connections via the Microsoft Azure region closest to a company (Sentry / Secure Connect) and user (TruGrid Connectors). TruGrid works across every Global Azure Region. For example, if setting up a company located in Australia, TruGrid will automatically route the connection via the closest Australia Azure data center. In order to determine your closest Azure Region, please connect to this Azure Speedtest URL from your Sentry Server or SecureConnect Host. The Azure Region at the top after 30 seconds is your closest: (https://azurespeedtest.azurewebsites.net/).


LATENCY & DISCONNECTS:
First, make sure that end users are NOT using 2.4GHz WiFi connections. Microwave ovens can cause a disconnect in 2.4GHz WiFi connections when turned on. Use 5GHz WiFi instead.
Next, the health of the internet connection between a user's local network and the remote computer network will have a significant impact on the quality of the RDP session. In particular, the latency of the connectivity can be more important than the bandwidth. Typical latency within a LAN is 10ms or less. Please verify the latency between remote computer and end user endpoint as follows:
Download to the remote computer (the RDP host), the free version of Remote Desktop Analyzer - a third-party tool. It's a self-executing EXE.
Run it on the RDP host AFTER you establish RDP connection. This will show you the latency between the RDP host (computer you are connecting TO) and your endpoint (computer you are connecting FROM). The lower the latency, the better the RDP experience (no matter how high the bandwidth).

Below is an example of a decent latency, approximately 27ms. CAD applications will benefit immensely from latency that is closer to 10ms.



OPTIMIZE RDP SESSIONS:
There are many things that can be done in standard RDP to speed up RDP sessions:
Use the RDP SETTINGS feature of TruGrid Windows Connector to optimize RDP sessions. Here is the guide.
Or use Active Directory GPO. Here is guide.
NOTE: Many of the detailed recommendations from MIcrosoft here can be implemented via step 1 or 2 of this section.


OTHER CONSIDERATIONS:
If your RDP Session disconnects or disappears on connection, make sure that Windows Update is not currently running on the remote computer. Sometimes, when Windows is applying update and rebooting, RDP session cannot be reliably established. Wait for Windows updates to finish.
In rare cases, a corrupt printer driver will cause RDP connections to fail. To eliminate this as a potential cause, open SERVICES.MSC on the remote computer and disable the PRINT SERVICE. Then try to reconnect,


SECURE CONNECT / DIRECT AGENT DEPLOY:
We have a direct agent (called SecureConnect) that you can deploy to RDP hosts. This is typically used on non-AD machines; however, it can also be used on AD-joined machines. Use cases include situations where the AD-joined machine is located in another geographic region / WAN from the local network that TruGrid Sentry is installed on; or situations where you want to have one less hop to that RDP host to speed up the connection. See this article for how to set this up.
​

If you have any questions, please feel free to reach out to us on live chat which can be found at the bottom of this page.

Updated on: 22/05/2023