I can't connect to my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance with Remote Desktop Protocol (RDP). How can I fix this?

I created an Amazon EC2 Windows instance and then followed the steps in the AWS documentation for Connecting to Your Windows Instance, but the connection attempt fails with an error indicating one of the following:

  • Remote access to the server is not enabled
  • The remote computer is turned off
  • The remote computer is not available on the network

Use an automation document with AWS Systems Manager or a manual method to troubleshoot Remote Desktop Connection issues:

AWSSupport-TroubleshootRDP Automation Document

The AWSSupport-TroubleshootRDP automation document allows the user to check or modify common settings on the target instance that can impact Remote Desktop Protocol (RDP) connections, such as the RDP port, Network Level Authentication (NLA), and Windows firewall profiles. By default, the document reads and outputs the values of these settings.

The AWSSupport-TroubleshootRDP automation document can be used only with instances that are enabled for AWS Systems Manager, also referred to as a managed instance. Your instance must have the SSM agent installed and have an IAM role attached with permissions to Systems Manager. You must change the default parameter values to modify the common RDP settings on the target instance.

1.    Log in to the Systems Manager console.

2.    Verify that you are in the same Region as the impaired Amazon EC2 instance.

3.    Open the AWSSupport-TroubleshootRDP document.

4.    In Execution Mode, choose Execute the entire automation at once.

5.    In Input parameters, in the InstanceId field, enable Show interactive instance picker.

6.    Choose your Amazon EC2 instance, and then choose Execute automation.
Note: If you don't see your instance in the list, it's not enabled for Systems Manager. To configure AWS Identity and Access Management (IAM) for SSM Agent, see Create an Instance Profile for Systems Manager.

7.    To monitor the execution progress, in Execution status, wait for the status to change from Pending to Success. Expand Outputs to view the results. To view the output of individual steps, in Executed Steps, choose the Step ID.
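
The console steps above can also be scripted. The following is an added example, not AWS's own code: it starts the document with only InstanceId set, so the settings are read and not changed, then polls until the execution finishes. It assumes boto3 and credentials allowed to call Systems Manager Automation in the instance's Region; the function name, the FakeSSM stub and its values are constructed for illustration.

```python
import time

TERMINAL = {"Success", "Failed", "TimedOut", "Cancelled"}

def run_troubleshoot_rdp(ssm, instance_id, poll_seconds=5, timeout=600):
    """Run AWSSupport-TroubleshootRDP with defaults (read-only) and wait for it.
    `ssm` is a boto3 SSM client; the function name is hypothetical."""
    execution_id = ssm.start_automation_execution(
        DocumentName="AWSSupport-TroubleshootRDP",
        Parameters={"InstanceId": [instance_id]},  # no other parameter: nothing is modified
    )["AutomationExecutionId"]
    deadline = time.monotonic() + timeout
    while True:
        execution = ssm.get_automation_execution(
            AutomationExecutionId=execution_id)["AutomationExecution"]
        status = execution["AutomationExecutionStatus"]
        if status in TERMINAL:
            break
        if time.monotonic() > deadline:
            raise TimeoutError(f"{execution_id} still {status} after {timeout}s")
        time.sleep(poll_seconds)
    if status != "Success":
        reason = execution.get("FailureMessage", "no failure message")
        raise RuntimeError(f"{execution_id} ended as {status}: {reason}")
    # Per-step status, the equivalent of choosing a Step ID under Executed Steps.
    steps = {s["StepName"]: s["StepStatus"] for s in execution.get("StepExecutions", [])}
    return {"id": execution_id, "outputs": execution.get("Outputs", {}), "steps": steps}

class FakeSSM:
    """Constructed stand-in for the SSM client so the flow runs offline."""
    def __init__(self):
        self.statuses = ["Pending", "InProgress", "Success"]
        self.started_with = None
    def start_automation_execution(self, **kwargs):
        self.started_with = kwargs
        return {"AutomationExecutionId": "00000000-constructed"}
    def get_automation_execution(self, AutomationExecutionId):
        status = self.statuses.pop(0) if len(self.statuses) > 1 else self.statuses[0]
        return {"AutomationExecution": {
            "AutomationExecutionStatus": status,
            "Outputs": {"constructed.Output": ["sample"]} if status == "Success" else {},
            "StepExecutions": [{"StepName": "constructedStep", "StepStatus": status}]}}

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # real run: pass the instance ID as the first argument
        import boto3
        print(run_troubleshoot_rdp(boto3.client("ssm"), sys.argv[1]))
    else:                  # offline run against the constructed stub
        print(run_troubleshoot_rdp(FakeSSM(), "i-0123456789abcdef0", poll_seconds=0))
```

A run that ends in any status other than Success raises with the execution's failure message instead of returning partial output.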

AWSSupport-ExecuteEC2Rescue Automation Document

The AWSSupport-ExecuteEC2Rescue automation document uses EC2Rescue for Windows Server to automatically troubleshoot and restore EC2 instance connectivity and RDP issues. For more information, see Run the EC2Rescue Tool on Unreachable Instances.

Note: The AWSSupport-ExecuteEC2Rescue automation document can be used on any Amazon EC2 instance, but it requires a stop and restart of the instance. Systems Manager Automation stops the instance and creates an Amazon Machine Image (AMI). Data stored in instance store volumes is lost. The public IP address changes if you are not using an Elastic IP. For more information, see Run the EC2Rescue Tool on Unreachable Instances.

1.    Open the Systems Manager console.

2.    Verify that you are in the same Region as the impaired Amazon EC2 instance.

3.    Open the AWSSupport-ExecuteEC2Rescue document.

4.    In Execution Mode, choose Execute the entire automation at once.

5.    In the Input parameters section, for UnreachableInstanceId, enter the Amazon EC2 instance ID of the unreachable instance.

6.    (Optional) For LogDestination, enter the Amazon Simple Storage Service (Amazon S3) bucket name if you want to collect operating system logs for troubleshooting your Amazon EC2 instance. Logs are automatically uploaded to the specified bucket.

7.    Choose Execute automation.

8.    To monitor the execution progress, in Execution status, wait for the status to change from Pending to Success. Expand Outputs to view the results. To view the output of individual steps, in Executed Steps, choose the Step ID.

Manual Version

RDP connectivity issues can be caused by a number of factors. For more information, see Remote Desktop can't connect to the remote computer.

Note: If you continue to experience connectivity issues to your EC2 Windows instance, you can use EC2Rescue to check for configuration issues. For example, use EC2Rescue to troubleshoot instance connectivity, Windows firewall, Network interface, and RDP service issues. For more information, see How can I troubleshoot issues with my EC2 Windows instance by using the EC2Rescue tool?



Published: 2017-01-05

Updated: 2018-07-23