Fixing LMCompatibilityLevel Problems with the Workspot Windows Client

Problem

The Workspot RD Gateways will reject connection attempts from Windows Client devices with an LMCompatibilityLevel in the range of 0-2, because these have security settings incompatible with modern best practices.

Requirements

To work with Workspot gateways, LMCompatibilityLevel must be set to 3 or 5. The two settings are equivalent as far as Workspot gateways are concerned. A value of 3 is more compatible with older infrastructure; a value of 5 is more secure.

(In recent Windows releases, the system default will be one of these values, so if LMCompatibilityLevel is undefined, that will also work.)

Procedure

LMCompatibilityLevel can be set in group policies or in the Registry.

  • Group Policy: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

  • Registry: HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel

Open gpedit.msc from the Run window and make the following change:
Computer Configuration --> Windows Settings --> Security Settings --> Local Policies --> Security Options --> Network Security: LAN Manager authentication level (set it to an option that corresponds to level 3 or 5, per the requirements above)
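
As an added example (not from Workspot's documentation), the PowerShell below checks the registry value named above against this article's requirements and can set it to 3 or 5. The function names Get-LmCompatibilityStatus and Set-LmCompatibilityLevel are hypothetical, and writing the value assumes an elevated session.

```powershell
# Added example; function names are hypothetical, not part of Windows or Workspot.
$LsaPath   = 'HKLM:\System\CurrentControlSet\Control\Lsa'
$ValueName = 'LmCompatibilityLevel'

function Get-LmCompatibilityStatus {
    # A missing value is not an error: the Windows default then applies.
    $item = Get-ItemProperty -Path $LsaPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        return [pscustomobject]@{
            Level  = $null
            Status = 'Undefined'
            Detail = 'System default applies; this works on recent Windows releases.'
        }
    }

    $level = [int]$item.$ValueName
    if ($level -in 3, 5) {
        $status = 'Compatible'
        $detail = 'Meets the gateway requirement stated in this article.'
    } elseif ($level -in 0..2) {
        $status = 'Rejected'
        $detail = 'Gateways reject clients with levels 0-2; set the value to 3 or 5.'
    } else {
        $status = 'NotCovered'
        $detail = 'This article only addresses 0-2, 3 and 5; set the value to 3 or 5.'
    }
    [pscustomobject]@{ Level = $level; Status = $status; Detail = $detail }
}

function Set-LmCompatibilityLevel {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Only the two values this article allows are accepted.
        [Parameter(Mandatory)][ValidateSet(3, 5)][int]$Level
    )
    if ($PSCmdlet.ShouldProcess("$LsaPath\$ValueName", "Set DWORD to $Level")) {
        # -Force overwrites an existing value or creates it if absent.
        New-ItemProperty -Path $LsaPath -Name $ValueName -Value $Level `
            -PropertyType DWord -Force | Out-Null
    }
    Get-LmCompatibilityStatus   # report the state after the change
}

# Audit only:
Get-LmCompatibilityStatus
# Preview a change without writing it:
# Set-LmCompatibilityLevel -Level 5 -WhatIf
```

If a domain Group Policy defines this setting, it overwrites a local registry change at the next policy refresh, so fix the policy rather than the registry on managed machines.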

If the issue persists, verify that the patch below is installed on the local PC.
 
Apply the CVE-2018-0886 patch to all required servers in the environment that initiate/accept RDP connections.
 
Or:
 
Apply the "Encryption Oracle Remediation" GPO to servers that do not have the update installed, as described under the "Group Policy" section of the following article:
https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
