I have been using the F5 to LB between 2 Microsoft RDS Gateways and it works fine for both desktops and published apps.
I now need to use an iRule to block web page access on the RDS gateway for some network addresses and destination URI.
This works fine and only expected networks can load the web login page supplied by the gateways, but when I select one of the published apps I see the F5 trying to connect directly to the server in the farm on port 3389. Prior to using iRules the 3389 connection was initiated by the RDS gateway as expected.
Any help greatly appreciated.
Thanks for your reply.
It's not the iRule causing the issue, but we need to use an iRule to inspect the URI. To do this we need to decrypt traffic and then re-encrypt to the RDS gateway. During this process the F5 is seeing the RDP connection within the SSL encapsulation and using that information to connect. Can it be modified to not share internal information?
I used the iApp for Microsoft RDS gateways. This built the virtual host and profiles. In the reconfigure you have the option to bridge SSL, decrypt and re-encrypt, or decrypt and forward HTTP. We do not allow HTTP on our network so we need to decrypt and re-encrypt. I will forward the profile settings if required. Can we add to the iRule to prevent the UDP connection attempt by the F5? Thanks for your help here.
I'm not an RDP expert, but I don't expect the F5 to actually turn TCP into UDP, if that is what you are seeing. You might see a lost UDP monitor or something like that, or the actual RDP client sending UDP which is then sent further.