Environment:

    - Windows 2012 R2

    - RD Connection Broker is installed

Problem: 

Attempting to RDP to the Windows 2012 R2 RDS server directly (without using an RD Gateway) fails with the error:

     "This computer can't connect to the remote computer. Try connecting again. If the problem continues, contact the

owner of the remote computer or your network administrator."

In Event Viewer, event 1301 followed by events 1296 and 1306 can be seen in Applications\Microsoft\Windows\TerminalServices-SessionBroker-Client.

Solution:

1.) Open the local group policy object editor (gpedit.msc)

2.) Navigate to the following policy: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security

3.) Enable setting "Require use of specific security layer for remote (RDP) connections to Security Layer," and set Security Layer to "RDP."

4.) Open an elevated command prompt and run the command: "gpupdate /force."

Additional Information:

In some circumstances, it may be necessary to restart the server to update Group Policy. If RDP connections continue to fail after taking the above steps, the RDS server should be rebooted.