NLB - Session Host Configuration

victory2201 used Ask the Experts™

We recently purchased a Barracuda LB 340Vx for our terminal server load balancing.

I have configured the unit based on the guidelines provided in this link.

The load balancing feature is working as it should, however there is a quirky problem I am seeing upon initial connection. When I enter the Virtual IP address for the LB, it directs me to a server in the farm, then redirect's me again to another farm server before allowing me to log on.

Once I get logged on, I can reconnect with the same user from another machine and reopen the same session, as intended.


- Open mstsc.exe
- Connect to : x.x.x.x
- Shows connecting to Srvr1. Accept unregistered cert.
- Now points me to Srvr2 or Srvr3, accept again and we connect to the second server.

Any help that can be provided would be great.

Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018

So, what you mean is you are connecting to LB VIP and redirected to one server and actually get connected to another server ?

Have you configured session directory server in your environment ?


Correct. Its seems to be functioning as intended, since the LB is assigning sessions to each server accordingly. The cert acceptance screen was triggering twice for each server after it redirected a second time.

After further investigation, I noticed this was happening when it tried to hit a server with more current sessions then another.

I was able to get around this prompt by going into the settings for Remote Desktop and changing the advanced value under server authentication to "Connect and don't warn me".

Distinguished Expert 2018
Did certificate name matches with FQDN of terminal server and do you enter NLB VIP FQDN in RDP connection box or you simply typing LB VIP in RDP connection box ?

Make sure that certifcates are issued with FQDN of terminal server and you are connecting to server with FQDN of VIP
If you hav,nt created FQDN for VIP yet, please create one in DNS
Also ensure that Certificate issuer root cert is installed on client computers

Then you should not prompt twice popups



Mahesh, thank you for your assistance. All is working well now. :)

(And yes, I have already assigned a static entry in DNS for the VIP)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial