Forum Discussion

oddarnep_40030's avatar
Icon for Nimbostratus rankNimbostratus
Feb 04, 2011

F5 Firepass VE and RDS session broker




Im trying to configure an Terminal server application access to some terminal servers in a session broker configuration.


The farm is configured with IP address redirection.




The favorite is configured with the hostname of the farm.


But it seems like when the client gets redirected to another server that it just disconnects.


Anyone know if this is even supported on the firepass?






6 Replies

  • You will have to explain a little further as it sounds confusing. Can you finish the rest if possible?



    User logs into Firepass.


    User clicks on TS link, pointing to a farm.


    User logs into TS and works in the TS environment.


    User ?
  • Hi,



    1. User logs into Firepass


    2. User clicks on TS link, pointing to farm.


    3. User will connect to the first server that DNS resolves on the farm name.


    4. User then log on with is credentials


    5. The server that the user initially connected to checks with the session broker which server the user should be redirected to.


    6. The server sends the user the Ip address to the server it should connect to.


    7. User gets connected to the server.




    This is how it basically works.






    To clarify Step 3.


    Farm is registred in DNS with two entries







    So its seems like its fails at step 6, the client never gets or the firepass doesnt allow the redirection.














  • I would create a CRE with F5 support. I can't explain why it does not work. It might have to do the way F5 does the host file patching during startup of the connection.



    You can alternatively do an application tunnel instead. This does work.
  • Hi,



    Any update on this discussion? I also have a customer who has this issue but they don't want to use an application tunnel for various reasons. My client has a FP 4110



    Many thanks,




  • I did find an RFE relating to my case - CR111243. The feature release has been marked as "Unspecified". According to another case I've researched (C687874), which matches closely with my clients requirements, using a TS session broker will work in Network Access but not Portal Access.