F5 Firepass VE and RDS session broker

You will have to explain a little further as it sounds confusing. Can you finish the rest if possible?

 

 

User logs into Firepass.

 

User clicks on TS link, pointing to a farm.

 

User logs into TS and works in the TS environment.

 

User ?

Hi,

 

 

1. User logs into Firepass

 

2. User clicks on TS link, pointing to farm.

 

3. User will connect to the first server that DNS resolves on the farm name.

 

4. User then log on with is credentials

 

5. The server that the user initially connected to checks with the session broker which server the user should be redirected to.

 

6. The server sends the user the Ip address to the server it should connect to.

 

7. User gets connected to the server.

 

 

 

This is how it basically works.

 

 

 

 

 

To clarify Step 3.

 

Farm is registred in DNS with two entries

 

 

 

farm.customer.com 192.168.1.2

 

farm.customer.com 192.168.1.3

 

 

 

 

 

So its seems like its fails at step 6, the client never gets or the firepass doesnt allow the redirection.

 

 

 

 

 

 

 

 

 

 

 

 

 

I would create a CRE with F5 support. I can't explain why it does not work. It might have to do the way F5 does the host file patching during startup of the connection.

 

 

You can alternatively do an application tunnel instead. This does work.

Hi,

 

 

Any update on this discussion? I also have a customer who has this issue but they don't want to use an application tunnel for various reasons. My client has a FP 4110

 

 

Many thanks,

 

Clinton

 

No update here. I guess a case was never created?

I did find an RFE relating to my case - CR111243. The feature release has been marked as "Unspecified". According to another case I've researched (C687874), which matches closely with my clients requirements, using a TS session broker will work in Network Access but not Portal Access.