Jump to content
Welcome to our new Citrix community!

VMWare Horizon RDP connection drop when NetScaler does a failover


Recommended Posts

Hi all!

 

I'm really not sure this is the correct forum, but I couldn't figure out where else to raise this question..

 

I have an issue with our VMWare Horizon load balancing. For several reasons our users by default use RDP connections in Horizon View Client to connect to a VDI. We have tunneled our connections through a NetScaler with a SSL_BRIDGE load balancing, and the SNIP is on the same vlan as the hcs servers. 

The connection works fine, but when we do a failover on the NetScaler a lot of users loose their RDP connections. It drops immediately after the failover. They are able to log right in, but the connection drop is quite anoying.

 

Any experiences or thoughts on how to prevent this?

Link to comment
Share on other sites

7 hours ago, Ted Rasmussen1709157155 said:

Hi Carl, you are fast!! Thanks!

 

Mirroring is not enabled, and the Connection Failover option is not even present in the protection settings.

 

The load balancer is not SSL_BRIDGE as I wrote initially, it's actually SSL_TCP.

 

This is not possible without connection failover and Connection Failover works only in a High Availability (HA) environment and only for the following service types with Connection Failover configured for STATEFUL:

TCP
UDP
ANY
FTP
SSL_BRIDGE

 

https://support.citrix.com/article/CTX119871

Link to comment
Share on other sites

4 hours ago, Ted Rasmussen1709157155 said:

Thanks Raman.

 

What I don't understand is what makes SSL_TCP so different from regular TCP? I would imagine the behaviour is similar to SSL_BRIDGE..?

 

 

SSL_BRIDGE will not terminate the SSL connections like TCP (443) will, however SSL_BRIDGE gives you a few more options like using SSL session ID persistence.

 

SSL_TCP terminates the SSL handshake and is mostly used in cases where application layer protocol is NOT HTTP. Example: LDAPS

Link to comment
Share on other sites

On 10/12/2018 at 0:28 PM, Raman Kaushik said:

SSL_TCP terminates the SSL handshake and is mostly used in cases where application layer protocol is NOT HTTP. Example: LDAPS

 

And RDP i suppose.

 

Horizon tunnels RDP sessions through port 443, so it makes sense not to use anything with http/https for this.

But I really don't see why it's not possible to use it on SSL_TCP when it's available on TCP..

 

Future ware I guess..

Link to comment
Share on other sites

  • 7 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...