SSL VPN
Reply
Visitor
Posts: 6
Registered: ‎06-03-2009
0

SSLVPN RDP session through web

I have several users who will connect to a Terminal Server, and their RDP sessions are reset after approx 8 minutes, yet the SSL session is still running.

 

senario:

User connect to SSLVPN URL

logs in, and starts Terminal Server Session

signs into server

Starts doing work, and is Terminal Server Session is closed randomly.

 

This happens from multiple networks, multiple computers, multiple users, and differantend point servers.

 

Any ideas as to what might cause this problem?

Visitor
ericgoodhue
Posts: 5
Registered: ‎04-17-2008
0

Re: SSLVPN RDP session through web

If this traffic passes through a firewall after leaving the SA device I would check the session options there.

 

Depending on your firewall brand I would look into potential asynchronous routes and/or session timeouts.

 

Visitor
Posts: 6
Registered: ‎06-03-2009
0

Re: SSLVPN RDP session through web

If this traffic passes through a firewall after leaving the SA device I would check the session options there.

 

No firewall is in the path.  Users can connect from the internet, or internally through the SA to access the devices.

 

Depending on your firewall brand I would look into potential asynchronous routes and/or session timeouts.

 

session time out is not the issue, they are set to 8 hours on the SA and if routing was the issue other servers would be affected which use diffrent ports, but currently everything follows the default routes from the SA to the servers.

 

Trusted Contributor
stine
Posts: 437
Registered: ‎05-05-2008
0

Re: SSLVPN RDP session through web

I would recommend checking the logs on the terminal server and on the SSLVPN.  If those turn up nothing, I would trace a user session. A couple of questions:

1) can you re-create this problem on demand?

2) does this problem affect every user?

3) does the disconnect co-inside with a role refresh or cache-cleaner cycle?

 

stine

Theodore E Van Iderstine
Stream Networks
+1 678 373 4200 x125
JNCIA-ER (expired), JNCIA-SSL (ditto)
Visitor
Posts: 6
Registered: ‎06-03-2009
0

Re: SSLVPN RDP session through web

1) can you re-create this problem on demand?

        Not currently, have to find what is causeing the problem first.

2) does this problem affect every user?

       The number of reported users keeps increasing.  for awhile there was only one user, and the error was very sporadic both in time and in source locations (occured from home, and internally; and would happen after 8 mins - several hours), recently we had another user who has the error every day, (not sure if its the same error; i'm still looking through the logs. but there is potential for more users as we roll more TS solutions out).

 

3) does the disconnect co-inside with a role refresh or cache-cleaner cycle?

       Cache cleaner is not used for this realm / role

       Idle Timeout:  600 mins

       Max. Session Length: 601 mins

       Reminder Time: 30 mins

       Role Refresh (on the realm) is : 60 mins

 

Looked again at the Firewall question, we have 3 deployments of SA devices and I was thinking of a diffrent one.  There is a firewall, and I'm looking into that suggestion.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.