Hello,
With a customer they notice a problem with rdp sessions, which are lost at random. They connect to a Windows 2012 rdp server (RDS Gateway with several servers behind it). I managed to reproduce the issue by killing an rdp session in the session table -> the screen on the Wyse terminal freezes and the connection is dropped. You have to re-establish a session.
Well, windows 2012 uses udp for improved performance (win2008 uses the connection oriented tcp).
What I am trying to find out is WHY sessions are dropped. I know udp has a 120s idle timer, but the users get disconnected while working (so not idle). Blocking udp makes the RDS GW switch to tcp as protocol, which looks to be more stable.
Does anyone has recommendations on this? E.g. logs doesn't show anything. What make that udp sessions are lost?
Thanks for help,
Ralph
p.s. I recently upgraded the FGT240d cluster from 5.2.3 to 5.2.5 but that didn't change this issue
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Try debugging the flow, something similar to the following...
diag debug reset
diag debug flow filter addr <IP address>
diag debug flow filter proto 17
diag debug flow filter port <port#>
diag debug flow show console enable
diag debug flow trace start 1000
diag debug en
See KB#FD33882 for further examples.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Thank you, the problem is that approx 500 users are connected concurrently through rdp and it happens at random sessions at random times. So actually the number of packets will be huge to debug.
However, when we have no other alternatives, this might be the only way to tshoot
Hello,
I have the same problem with Sessions dropped. Did you find the solution ?
Regards,
Hello Charl,
The issue was appeared not to be caused by the Fortigate but by the Core Switch, so unfortunately I cannot help you Kind regards,
Ralph
Hello, I have the same problem with Sessions dropped. Did you find the solution ? Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1099 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.