Users are not able to RDP through macOS or Linux clients. RDP through Windows does not show any problem. All users can notice the issue when going through the gateway.

The error below can be seen through MacFreeRDP or on the gateway when the issue happens:

SSL_NOT_ALLOWED_BY_SERVER
 

• Okta Advanced Server Access
• Server agent

The Target Server only accepts the RDP security layer for remote RDP connections. It can be controlled through group/local policy.

1. Open group/local policy editor on the target server.

2. Enable and update the following GPO to Negotiate:

   • Computer configuration > Policies > Administrative templates > Windows components > Remote Desktop Services > Remote Desktop Session Host > Security > "Require use of specific security layer for remote (RDP) connections".
     

3. Force changes to the GPO using gpupdate /force.