Support Center > Search Results > SecureKnowledge Details
Endpoint Security VPN client disconnects while initializing or disconnecting a Windows Remote Desktop (RDP) session to / from the connected client Technical Level
Symptoms
  • Endpoint Security VPN client disconnects while initializing Windows Remote Desktop (RDP) session to the connected client.
  • Endpoint Security VPN client displays the following message:
    VPN tunnel has disconnected: Session logoff event received, disconnecting user.
  • helpdesk.log will show:
    Logoff has occurred
    Console/remote disconnect has occurred. Disconnecting
Cause

When RDP is initiated to a Windows Desktop machine, the Windows OS user session, under which the VPN was established, is closed in favor of the new RDP session.

The VPN is disconnected because the Check Point service receives a notification from the Windows OS that a user session change event has occurred.

This happens because a user logoff event 0x0000000E occurs on the client PC (SERVICE_CONTROL_SESSIONCHANGE is a Windows API call used for this function).

The VPN client will disconnect the tunnel in such a case. This behavior is hard-coded and cannot be changed via configuration. It is considered a security feature.


Solution
Note: To view this solution you need to Sign In .