Hy Guys,
i have a server 2016 remotedesktopserverfarm with 2 RemoteDesktopServers and one Windows-RemoteDesktopBroker, which redirects the user to the correct RemoteDesktopServer.
When i create SSL VPN bookmarks (RDP - Port 3389) to both terminalserver directly, it works - but it's a 50:50 chance to get the server where the user is loaded. When I create a bookmark to the broker, it don't work -> Connection refused.
Any idea?
Thanks!
Manuel Wagner
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
I confirmed yesterday with product manager that this feature is not currently implemented. NFR (New Feature Request) have been asked to support RDS farm. Cross fingers! :)
Philippe
hi,
that would be great! Thanks for the reply!
Manuel
Isn't this the way the Connection Broker is supposed to work? I mean, even without the SSL VPN you would have the same result because of load balancing?
Hello
Any news on this NFR ?
I have a farm with 3 RDP servers and will upgrade to 4 soon, the propability to reach the good server is now 33% and will descrease !
@Bert : you right , the windows broker load balacing do its job and loadbalance server-1 and server-2 :)
but in the SSL VPN portal case :
- you reach server-1
- broker redirect you to server-2 if needed
- it seems that the SSL VPN portal does not understand the redirect and stop the connexion.
so clearly, we need this NFR
BR
Stéphane
Hi where are we on this NFR ? I am on 2008 R2 with a 9 server farm and can't get connected either. Same issues as described above. We were about to buy Fortitokens, thankfully I tested this first. Its a show stopper. Support ticket #3801604
For anyone watching, Tier 2 support was very helpful in finding the issue. It lays with GUACD. Anyone else having this issue could you dump your output here to confirm?
commands used to find the problem
diag debug console timestamp enable
diag debug duration 0
diag debug application sslvpn -1
diag debug application guacd -1
I'm working on the same issue and I think I figured it out.
What you need to do is as follows:
1) Create a common internal DNS record for each RDSH server. eg:
farm1.corp.com - <internal IP of RDSH server 1>
farm1.corp.com - <internal IP of RDSH server 2>
2) Configure your SSL VPN bookmark to point to farm1.corp.com
From here, the system should handle the load balancing automatically and connect you to the RDS servers every time.
Interesting, well I can go to the terminal and use the ping command from my FG against my farm and it works. Do you have your FG connected to your DNS server? Also take one of the RDS offline with the drain command. see if the loadbalancing truly works. What version of Windows server?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.