For details on cookie usage on our site, read our Privacy Policy
Terminal Server doesn't work with Microsoft applications
- LIVEcommunity
- Discussions
- General Topics
- Terminal Server doesn't work with Microsoft applications
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Terminal Server doesn't work with Microsoft applications
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-06-2022 06:27 AM
Hi guys,
We faced an issue where users' traffic related to office applications from a system, on which Terminal Server is installed, gets dropped by the firewall due to the unknown source user. We are using Terminal Server Agent as the means of user identifications. Web browsing and traffic related to other applications pass through the firewall with no issue and of course, the source user is known for those traffics. At first, the source ports being used by those office applications were out of range of allocated ports on the TS, so we extended the range to the maximum value to no avail. Does anyone have an idea?
Thank you in advance.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-06-2022 11:42 AM
Have you verified that the ports in question aren't listed in the reserved port range, that the user port allocation max limit isn't getting hit. It kind of sounds like the source port being utilized is in your system reserved port range allocation, or its not being allocated to that user due to the ports being used up and you've modified the 'Fail port binding when available ports are used up' option is not set the the default which would explain why the port isn't being identified.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-07-2022 04:50 AM
Hi BPry,
Thanks for your reply. Ports are not reserved and after I extended the allocated port range, the source ports of the applications fall within the allocated range, however, the same result. Moreover, the user didn't hit the maximum allocation port limit.
I am not sure this is the issue but if the user allocation port range is from 20000 to 20199, those applications are using source ports like 44xxx. Is there any way we can force applications to use only the ports allocated to the users and not whatever port they want?
Thank you in advance.
- How to configure ingress to Azure Load Balancers with PaloAlto-secured network in VM-Series in the Public Cloud
- Issue with user detection on terminal server in General Topics
- GP internal gateway for Azure AD authenticated users in GlobalProtect Discussions
- Uninstall GlobalProtect on Mac ("Content Filter" remaining) in GlobalProtect Discussions
- GlobalProtect and multiple AAD tenants in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
