Bitdefender Antivirus Breaks RDP (Remote Desktop) on Windows
Bitdefender Antivirus — the free edition, at least — appears to be interfering with Remote Desktop Protocol (RDP) connections on Windows. Affected users may receive the following error when they try to log on to a remote PC or server with Network Level Authentication (NLA) enabled:
An authentication error has occurred.
The Local Security Authority cannot be contacted.
This could be due to an expired password.
While an expired password or a server-side misconfiguration can cause this error, it may also indicate a client-side issue. In this case, the error appears to be caused by Bitdefender Antivirus replacing the remote computer’s certificate in order to inspect encrypted RDP traffic. This process breaks Network Level Authentication and causes the connection to fail.
One workaround is to add file-level exclusions in Bitdefender for both the 64-bit and 32-bit versions of the Windows RDP client:
C:\Windows\system32\mstsc.exeC:\Windows\syswow64\mstsc.exe
This is not an ideal solution, but the free version of Bitdefender Antivirus has a limited control panel and does not provide alternative workarounds.
References
- Bitdefender Antivirus Free Edition breaking RDP : BitDefender
- Remote Desktop Connection Issue [SOLVED] – Microsoft Community
- Bitdefender Antivirus Free – remote Desktop block — The Bitdefender Expert Community
- AWS ec2 windows login error saying An authentication error has occured. The local security authority cannot be contacted – Stack Overflow
Bitdefender update might break it. I had to remove/readd exclusions to make it work
What a nightmare to troubleshoot. I glad to finally have found this article.
Thanks Arnon, Exactly what I needed.
OP of this post, you are a godsend.
Bitdefender, you are a a**hole. Gone crazy over this issue.
I noticed this too. Thing is I got a new laptop and decided to use an other antivirus too. So 2 changes at once so it took me a while to figureout it was bit defender. I noticed because my rdp server suddenly had a bitdefender certificate which is of course impossible.
I will try the exclude option. I have disbaled but defender for now and the cool part is that windows defender does not seem to take over like it did when I disabled panda.
But i have one more issie. I can also no longer access my old self signed websites/control panels (yes they are perfectly safe behind a firewall). They also now show a bit defender certificate but after accepting the webserver no longer seee the original hostname and shows the wrong site.
Really bad behaviour. Back to panda again I guess and live with the popup's
Thank you. I have been pulling my hair out on this. Tried everything but then I thought what if it was the antivirus ? Tried my luck and googled it and found this post.
Fixed my issue.
Thanks for posting, this worked, was driving crazy!
I have literally been going crazy with this problem for months. Thank you so much for this article. I can return to my therapist with my other issues now.
same here but only for a weeek
Hi Everyone,
I have opened a ticket with Bitdefender about this issue via their contact form here: https://www.bitdefender.com/consumer/support/. I will update this post if I hear back from them.
Bitdefender requested that I generate a support tool log from a PC that exhibits the issue. Unfortunately, I no longer have access to the affected PC, so I was unable to provide them with logs. I would encourage anyone else with this issue to contact Bitdefender support at the link above.
Good idea, ticket open, thanks
Thank you! Thank you!! This was killing me to try to find the issue! This worked!
Thank you so much. You're a Godsend!
Wish I would have found this a few clumps of hair ago.
Dropped the two files in the exceptions on free edition, problem solved.
Thank you very much. This issue made me pull my hair and accusing my sons returning from Uni to be the root cause!
Arnon,
Thanks for this info. I spent a good amount of time tracing down an issue with a client that could not connect to a remote server. Unfortunately the client was not using NLA, so the main symptom was to just close after the server certificate acceptance process. Furthermore, there was no errors logged in the system or the remote system either. I was finally able to trace this down by connecting to another server that did use NLA and get the error above.
Hi Jason,
Thanks for the comment. It's interesting to hear about the different behavior with NLA disabled. That sounds like even more of a nightmare to troubleshoot.
Thanks Arnon. This fixed my problem and exactly described what was happening.
I noticed this symptom on my PC last year, in the end I had to uninstall Bitdefender Free version because as you pointed out in the article, there isn't much that can be changed on the Free version and at that time, I didn't know why.
I originally just uninstalled Bitdefender and continued with Windows Defender, but having installed Bitdefender recently in the hope that Remote Desktop issue wouldn't occur, I was pleased to find your blog stating the reason and at least a way to mitigate the issue, even though the only choice is an exclusion!
So, thank you for the article.