Has anyone had problems with random VMWare View client drops through the PaloAlto to the View Gateway?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Has anyone had problems with random VMWare View client drops through the PaloAlto to the View Gateway?

L4 Transporter

We had issues with random session drops with VMWare View client connections through a View Gateway security server. After we moved from traversing a Palo Alto VirtualWire to the server in a Cisco ASA DMZ to just a straight L3 Palo Alto deployment the problem went away. We even had the drops with App-ID override but fewer.

Now though with the 356-1691 App-ID content release that updated vmware-view we started having problems again.

I rolled back to 355-1683 and we've had no random drops since. If I reapply 356 users start dropping again.

1 accepted solution

Accepted Solutions

L4 Transporter

Upgraded to the latest again and no drops. Latest issue appears to have been coincidental.

View solution in original post

7 REPLIES 7

L4 Transporter

Upgraded to the latest again and no drops. Latest issue appears to have been coincidental.

Thanks for the followup Smiley Happy

L4 Transporter

Upgraded to PAN OS 5.0.3 from 5.0.0 and now random drops are occurring again.

L1 Bithead

I´m currently on PAN OS 5.0.3 and APP 367-1746. ESX SSL Connections seem to be droped after 1800 seconds (this is the default timeout set in the ssl application tab). However, the PAN seems to just drop the session without notifying both peers as referenced by this article in the VMWare Knowledge-Base: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=103847.... As a result the remote ESX Hosts are not manageable anymore. Is this problem related to the above stated problem?

We believe it to be related to the PCoIP traffic on port 4172. It does utilize SSL traffic on 443 also so I'll look into this a little. Right now though I wouldn't suspect this to be related. The VM Admins don't have any issues getting to the Security server in the DMZ zone.

We are seeing less drops now that all the front end App-ID and the gateway to connection server App-ID's are bypassed. Still saw two dropped users since then but not nearly what we saw before. Of these two drops, one was from a home user's wireless network and one was from our BYOD guest wireless network on campus. The one on campus that dropped 3 times has had a history of a bad wireless adapter as a known issue in her model of laptop. The one from home we have no control over or info on what their Internet utilization was at the time.

Thanks for the detailed information. We´re having quite a few problems with sessions timeouts at the moment - gonna make further investigations in the next couple days. Any results will be posted here ...

  • 1 accepted solution
  • 4293 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!