How do I troubleshoot an RDP connection or instance status check failure on Windows Server after I change the EC2 instance type?

4 minute read
0

After I change my Amazon Elastic Compute Cloud (Amazon EC2) instance type, I can't connect through the Windows Server remote desktop protocol (RDP).

Short description

If you change an Amazon EC2 instance from one instance type to another, then the change might prevent an RDP connection. You must install the correct network adapter driver to connect to the instance through an RDP.

If the driver is missing or outdated, then the network adapter will fail to initialize and prevent an RDP connection. As a result, the instance health check will fail due to the lack of network connectivity.

Based on your type of instance, see the related resolution.

Resolution

Important: If you change an instance, note the following:

Instance type changed from a Xen instance to a Nitro Instance

If you change your instance type from a Xen-based instance to an updated Nitro instance, then your instance fails in one of the following ways:

  • The instance fails a health check.
  • You get the following error message:
    "The remote computer that you are trying to connect to requires Network Level Authentication (NLA), but your Windows domain controller cannot be contacted to perform NLA. If you are an administrator on the remote computer, you can disable NLA by using the options on the Remote tab of the System Properties dialog box."

Instance fails a health check

To resolve this issue, do the following:

  1. Open the console.
  2. Stop the instance that failed the health check. If the instance does not stop, then use force stop.
  3. Change the instance type back to the previous instance type.
  4. Start the instance.
  5. Install and upgrade ENA.
    Note: The Latest ENA driver isn't supported on all Windows Serves. For more information, see Activate enhanced networking with ENA on your EC2 instances.
  6. Upgrade AWS NVMe drivers.
  7. Stop the instance.
  8. Change the instance type to the updated instance and then start the instance.

NLA failure message

To resolve this issue use one of the following methods.

Generate a key pair

  1. Log in with a local user or admin credential. For more information, see How do I retrieve my Windows administrator password after launching an instance.
  2. Add your DNS server IP in the network adapter properties under IPV4 configuration.
  3. Connect to the instance through your Windows Server RDP with domain credentials.

Use Systems manager (SSM)
If you can't use a key pair, then use systems manager (SSM) to resolve the issue. Only use this method if the instance is SSM managed.

  1. Connect to your Amazon EC2 instance with Session Manager.
  2. Run the below command to set the DNS address.
    Replace ADAPTER-NAME with your current network adapter.
    Replace X.X.X.X with your DNS server IP address.
    interface ip set dns name="ADAPTER-NAME" source="static" address="X.X.X.X"

For more information on RDP authentication issues due to NLA failure, see How do I troubleshoot authentication errors when I use RDP to connect to an EC2 Windows instance?

Nitro instance type changed

If you have a Nitro instance and you update the instance type, then the network adapter will fail if the drivers are not the latest supported version.

To resolve the issue, do the following:

  1. Open the console.
  2. Manually stop the instance. If the instance doesn't stop, then use force stop.
  3. Change the instance type back to the previous instance type.
  4. Manually start the instance.
  5. Connect to your Windows instance with an RDP client.
  6. Install and upgrade ENA.
    Note: The Latest ENA driver isn't supported on all Windows Servers. For more information, see Activate enhanced networking with ENA on your EC2 instances.
  7. Upgrade AWS NVMe drivers.
  8. Stop the instance.
  9. Change the instance type to the updated instance and then start the instance.
AWS OFFICIAL
AWS OFFICIALUpdated 2 months ago