I've just set up a new environment for a customer. There are 4 Server 2012 Standard editions running inside a VMware ESXi v5.1 (U1) host. A domain controller, web server, SQL server and a Remote Desktop Services server.
Because the ESXi host will be exposed directly to the internet without a router or firewall, I've set up a second network within ESXi, for all the internal inter-server traffic. So all the servers are connected to the internal network, with a 192.168.0.0/24 address. Except for the Remote Desktop Services server, which has a second virtual NIC, connected directly to the public internet with a IP address in the range 192.168.178.0/24 (the DMZ connected to the internet via a Fritzbox 7360 VDSL modem, eventually this NIC will have a public IP address when moving it to the datacenter). For obvious reasons, this NIC has the "Public" NLA profile configured. The internal NIC is configured with a NLA "Domain network" profile on each server.
So, the Remote Desktop Services server is multihomed and I installed Routing & Remote Access on this server, so the internal servers have internet access (for updates etc.) via the multihomed Remote Desktop Services server. This is working just fine, except for the fact that the domain controller displays a message "no internet access" in the Network & Sharing Center. But that's not the issue right now.
The problem is that (even before the Remote Desktop Server role has been configured), I noticed that I often was unable to set up a RDP connection to the RDS server via the "external" NIC, there was no response and the error message was like the server was unreachable, services not running, etc., the default message. The strange thing is, after rebooting the server, I was able to connect via RDP again. But after a few minutes (somewhere between 5 to 15 minutes), the server won't accept RDP connections again on the external NIC. From the internal servers, I can still connect via RDP to the RDS server. I have to reboot the RDS server again to let it accept RDP connections on the external NIC, after which the server will stop accepting RDP connections again after 5 to 15 minutes but the internal RDP connections are still accepted.
When the server doesn't accept RDP connections on the external NIC, a netstat -an shows that the server is listening on both adapters on TCP port 3389.
I thought it could be a firewall issue (where the correct Remote Desktop exceptions are made), so I disabled the firewall for all connection types. But still RDP isn't accepted on the external NIC.
I even installed Wireshark to see what was going on. Shortly after rebooting the RDP connections are accepted. As soon as the RDP sessions stay unanswered, I see that Wireshark sees the incoming requests repeating (TCP retransmissions). So the server gets the TCP packet on the NIC, but isn't answering it.
I googled this problem and all I could find are issues on Windows Server 2008, for which is a hotfix available.
I want to let de RDP-tcp connection listen on only the external NIC, trying to force it in accepting connections again, but as the "old" MMC for managing the RDP-tcp connections isn't available anymore in Server 2012, I couldn't find the option to configure this in Server 2012. So far I haven't managed to accomplish this.
What else can be the problem here? The servers are all out-of-the-box installations, with a domain set up and joined the servers to the domain. I installed the lates updates but this didn't solve my problem. No third party software is installed on any of the servers. Before I make a support call to Microsoft, I want to put my problem here.