11-25-2015 05:11 AM
We have a deployment of the TS Agent on 2008 R2 terminalservers. The TS agent works as designed and reassigns source ports. However, one specific segment of one specific application that is based on MS Access fails to connect to an SQL server when the TS agent service is running.The application's vendor says they don't enforce specific source ports.
When the segment inside the application is started, in TCPView we see several system tcp sessions on random high ports (60k+) connect to the SQL server. When the agent is active and the call fails, those sessions are using the configured TS agent ports.
Has anybody else experienced problems with connecting with ODBC to an SQL server while the TS agent is running?
11-26-2015 02:53 AM
MS access application opens a large number of TCP connections, probably one for each SQL query.
These connections are very short lived, but the OS keeps them in TIME_WAIT state for 240 seconds by default.
I have seen that these can consume the entire allocated port block.
By default, TS agent does does not allocate an additional port range.
This behaviour can be changed with a registry setting HKEY_LOCAL_MACHINE\SOFTWARE\Palo Alto Networks\TS Agent\Conf\EnableTws
Check out the following DOC : https://live.paloaltonetworks.com/docs/DOC-5345
If EnableTws=0, we will not keep the list of ports in TIME_WAIT status, and thus may think that those TIME_WAITed ports are available.
To change this default behaviour, just change EnableTws=1, and new block of ports will be assigned to the user.
I hope this helps,
-Kim.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
