This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Terminal services agent issue with traffic dropping

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Terminal services agent issue with traffic dropping

infradata
L1 Bithead

‎09-17-2014 05:01 AM

Hi,

We currently let our TSA connect to our management interface. This is however causing problems in that in about 30 mins all traffic is dropped on the management interface. The GUI and CLI and such are time-outed then. To resolve this we need to remove the TSA on the PA and the interface works fine again.

Support recommends to provision an dedicated physical interface for these clients (around 150). Is this a known issue with the management interface and TSA's ?

Labels:
6 REPLIES 6

hshah
L6 Presenter

‎09-17-2014 06:02 AM

Hi Infradata,

Normally TSA works on management interface without issue.

However, based on information provided in this thread, it seems TSA spikes out Memory/CPU on Management interface. Which results in loss of management access and traffic. Let me know if that is the issue.

If that is correct than there are two possibility,

1. Too much Traffic exchange between Firewall and TSA

2. Potential bug

Did TAC engineer provided any root cause.

Regards,

Hardik Shah

0 Likes Likes

infradata
L1 Bithead
In response to hshah

‎09-19-2014 05:58 AM

We currently only have one agent connected when this isse occurs so i rule out too much traffic.

No rool cause as of yet. We are now setting up the new physcal interface to test this setup and see if this resolves the issue.

0 Likes Likes

Jacobwebb
L1 Bithead

‎09-19-2014 06:37 AM

Infradata,

Are you currently running an antivirus or firewall on the computer hosting your TSA?  If so what is the software?

Regards,

Jacob Webb

0 Likes Likes

hshah
L6 Presenter
In response to infradata

‎09-19-2014 07:33 AM

Hi Infradata,

I would not encourage to go for this work around before finding root cause.

Connect a console to firewall, and then check whats happening with firewall at the time of issue.

1. check if management interface has ARP for default gateway

2. Check if it can ping the default gateway

3. Do tcpdump to find out whats happening with packets.

How To Packet Capture (tcpdump) On Management Interface

4. check management resource

show system resources

5. check ms.log for obvious error "tail follow yes mp-log ms.log

Let me know if this helps.

Regards,

Hardik Shah

0 Likes Likes

infradata
L1 Bithead

‎09-26-2014 12:17 AM

So we let all the agents connect to the new physical interface and we have no problems anymore. We now have added around 90 agents and it's all working now.

0 Likes Likes

hshah
L6 Presenter
In response to infradata

‎09-26-2014 07:25 AM

Thants great Infradata.... Which firewall platform is this ?

0 Likes Likes
  • 3075 Views
  • 6 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks