Solved

SonicWALL 4200 RDP to TS Farm

Posted on 2014-01-23
7
837 Views
Last Modified: 2014-02-18
Please help!

Currently there is an issue with our SonicWALL 4200 VPN appliance.
Its quite random but is causing major frustration.

The SonicWALL 4200 is configured with a TSFARM RDP - Java connection for all users who connect to the appliance.
There is a problem where the user will connect to the SonicWALL VPN fine then there is a global TSFARM - RDP using Java (3 load balanced Remote Desktop Server all running Windows Server 2008).
If the user logs in with there Active Directory account and doesn't get connected straight away, it comes up with a second login screen asking to authenticate with there AD credentials again. Password only as Username already filled out.
The problem is that if they do get the second login prompt something odd is happening with the Shift and Caps lock keys so it randomly thinks the caps lock is on when the shift key is pressed.
Now this causes issues with the password due to it using complexity with uppercase, lowercase and numerics required.

It then fails to login to the server because of this issue.

But on random occasions it will login fine with the initial RDP connection and will then work OK.

We thought it was perhaps Java being funny and have reinstalled it on various machines.

It's really frustrating as the Directors are the main users of it.

Currently I am asking them to keep logging off the RDP session if they get the second login happen.
Then keep trying until the first login is successful.

Any ideas with this weird caps lock/shift key issue would be appreciated.

Thanks,
Rich
0
Comment
Question by:mudfrog
  • 4
  • 2
7 Comments
 

Author Comment

by:mudfrog
Comment Utility
I've just been testing this further and I'm wondering whether it was to do with the load balancing.

On initial connection I connected to TER-001 server.
I then authenticated with my AD account and it then prompted for a second login but put me onto TER-002 server. This is where the issue with the caps lock and shift key causes issues.

I then tried it and initially got logged onto TER-003. It then prompted for a second login but had redirected my session to the TER-001 server.

Ahhhh!
0
 

Author Comment

by:mudfrog
Comment Utility
It seems to be worse the more complex the password is with the second prompt.
If you have various capital letters and the more you have to press the shift button seems to be an issue.

Random is an understatement.
0
 
LVL 24

Accepted Solution

by:
diverseit earned 500 total points
Comment Utility
Hi mudfrog,

Have you considered SSO on the SonicWALL to alleviate this issue? This seams very strange as you noted. Something seems to be miscommunication in the remote layer. I have seen this take place in other remote systems where something breaks in the virtual space and a particular function doesn't become available any more but this seems to at least have some sort of pattern with which server its authenticating to OK.

Let me know how it goes!
0
The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

 

Author Comment

by:mudfrog
Comment Utility
I think I may try and log a call with Dell who have taken over the support of these SonicWall appliances.
0
 
LVL 19

Expert Comment

by:compdigit44
Comment Utility
have you check you session persistence type? I.E stateful and stateless session must be handled differently.
0
 

Author Comment

by:mudfrog
Comment Utility
I can't see the session persistence setting on the 4200.
I'm not sure it has that feature tbh.
0
 
LVL 19

Expert Comment

by:compdigit44
Comment Utility
I'm not that familiar with the SonicWALL 4200 but from what you discribed this issue really does sound like a persistance issue.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now