We faced an issue where users' traffic related to office applications from a system, on which Terminal Server is installed, gets dropped by the firewall due to the unknown source user. We are using Terminal Server Agent as the means of user identifications. Web browsing and traffic related to other applications pass through the firewall with no issue and of course, the source user is known for those traffics. At first, the source ports being used by those office applications were out of range of allocated ports on the TS, so we extended the range to the maximum value to no avail. Does anyone have an idea?
Thank you in advance.
Have you verified that the ports in question aren't listed in the reserved port range, that the user port allocation max limit isn't getting hit. It kind of sounds like the source port being utilized is in your system reserved port range allocation, or its not being allocated to that user due to the ports being used up and you've modified the 'Fail port binding when available ports are used up' option is not set the the default which would explain why the port isn't being identified.
Thanks for your reply. Ports are not reserved and after I extended the allocated port range, the source ports of the applications fall within the allocated range, however, the same result. Moreover, the user didn't hit the maximum allocation port limit.
I am not sure this is the issue but if the user allocation port range is from 20000 to 20199, those applications are using source ports like 44xxx. Is there any way we can force applications to use only the ports allocated to the users and not whatever port they want?
Thank you in advance.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!