ASA 5510 and remote desktop session broker

Colin_Allman
Level 1

Hey everyone,

The issue I'm having is that we are running a load balanced terminal server farm with 2 terminal servers and using Microsoft Remote Desktop Session Broker for load balancing. Internally load balancing works excellently. The issue is when trying to come in from the outside and you don't get load balanced on to the one TS then your connection is lost.

I have set up a network object containing a Range of the 2 IP addresses, and configured a NAT rule for port forwarding using that Object.  I have also configured an access rule for it.

What we figure is that once you come in through the router it says "ok, you're going here" then the load balancer kicks in and if it matches the router then it's fine, but if the load balancer switches to the other IP, the router says "No way!, that's not where you told me you're going" and drops it.

Any ideas on how to go about setting this up?

Thanks in advance,

Colin

21 Replies

Hi James,

Thanks for the update.

At least that's a definitive answer that session broker is not supported when using the RDP plug-in. It's a shame there's no solution for it at the moment, as not all companies will have the resource to deploy extra servers as a workaround.

HTH Paul ****Please rate useful posts****

Did you find any parameters that might work with RD Gateway using WebVPN?

Daniel Algarin
Level 1

Old thread but still appears to be generating activity so I will add my two cents to the issue originally reported. We were able to work around the issue without the gateway by:

1) Adding an MS Loopback Adapter with the external IP, a 255.255.255.255 mask and no gateway
2) Specifying this address as the redirect address in the session broker settings.

joedekock
Level 1

Guys... I struggled with this same problem for a few days but found a good solution.  You can check it out here:

http://ent-admin.blogspot.com/2013/05/access-terminal-server-farm-behind.html

jwmolenaar
Level 1

Hi Gents,

With Clientless SSL VPN you may use the smarttunnel feature to connect via a session broker. When the smarttunnel is running you are able to run a remote desktop session exactly the way you would in the office.

How do clients resolve internal names when using the Smart tunnels?

Has anyone any recommendations for load balancers? 2X and loadbalancer.org don't work well at reconnecting sessions.

Thanks

About DNS resolving:

Smart tunnels on Cisco ASA