02-26-2013 12:33 PM
We had issues with random session drops with VMWare View client connections through a View Gateway security server. After we moved from traversing a Palo Alto VirtualWire to the server in a Cisco ASA DMZ to just a straight L3 Palo Alto deployment the problem went away. We even had the drops with App-ID override but fewer.
Now though with the 356-1691 App-ID content release that updated vmware-view we started having problems again.
I rolled back to 355-1683 and we've had no random drops since. If I reapply 356 users start dropping again.
03-07-2013 11:30 AM
Upgraded to the latest again and no drops. Latest issue appears to have been coincidental.
03-07-2013 11:30 AM
Upgraded to the latest again and no drops. Latest issue appears to have been coincidental.
03-09-2013 12:13 AM
Thanks for the followup 
03-22-2013 11:34 AM
Upgraded to PAN OS 5.0.3 from 5.0.0 and now random drops are occurring again.
04-17-2013 05:59 AM
I´m currently on PAN OS 5.0.3 and APP 367-1746. ESX SSL Connections seem to be droped after 1800 seconds (this is the default timeout set in the ssl application tab). However, the PAN seems to just drop the session without notifying both peers as referenced by this article in the VMWare Knowledge-Base: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=103847.... As a result the remote ESX Hosts are not manageable anymore. Is this problem related to the above stated problem?
04-17-2013 07:54 AM
We believe it to be related to the PCoIP traffic on port 4172. It does utilize SSL traffic on 443 also so I'll look into this a little. Right now though I wouldn't suspect this to be related. The VM Admins don't have any issues getting to the Security server in the DMZ zone.
04-17-2013 08:00 AM
We are seeing less drops now that all the front end App-ID and the gateway to connection server App-ID's are bypassed. Still saw two dropped users since then but not nearly what we saw before. Of these two drops, one was from a home user's wireless network and one was from our BYOD guest wireless network on campus. The one on campus that dropped 3 times has had a history of a bad wireless adapter as a known issue in her model of laptop. The one from home we have no control over or info on what their Internet utilization was at the time.
04-17-2013 10:37 PM
Thanks for the detailed information. We´re having quite a few problems with sessions timeouts at the moment - gonna make further investigations in the next couple days. Any results will be posted here ...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
