Apr 03 2020 08:03 AM
University setting, VMWare & Microsoft
Internal domain local.name.edu external domain name.edu
Setup 2019 server vapps-01.local.name.edu outside name vapps.name.edu going through Barracuda load balancer as a proxy. using a wildcard cert *.name.edu (vapps-01.local.name.edu as SAN) and applied down the line. Thumbprints checked and verified.
from browser, can open https://vapps.name.edu that is redirected to https://vapps.name.edu/rdweb/webclient and connects to vapp-01.local.name.edu/rdweb/webclient and comes up with login credentials. Can login using local\name and password.
Brings up console with applications and when application is selected, "opening remote port", "Configuring remote port" and dies there. "Oops, we couldn't connect to "app" The connection to the remote PC was lost, This might be because of a network connection problem. If this keeps happening, ask your admin or tech support for help."
Well, **bleep**. That's me.
As far as I can tell, the app is opening an RDP connection on port 3392, which is open in firewall and has SSL cert attached to it but the connection is failing.
I am hoping someone out there has had this happen to them and they know what check box I missed or link I need to change.
Wireshark makes it appear as 3389 is dropping session with a RST, ACK Maybe that is issue. Could be DNS, Could be needing a gateway... Hopefully someone has experience with 2019 now?
Apr 14 2020 07:51 PM
Solution@McGentrix hi - for VMware deployments it might be best to loop in VMware - or use their support platforms. Thanks.
Apr 15 2020 09:45 AM
For some reason, @Eva Seydl marked this as the best answer? This is no answer so for it to be marked best answer is no good. What would VMWare have to do with this at all? It obviously either a certificate issue or a permission issue with Microsoft and there is no documentation or guidance to move on.
While I appreciate Pieter's effort, pushing this off as a VMWare issue is really just passing the buck. I'm not looking for buck passing, but help or answers. Problem has not been resolved or answered.
Apr 15 2020 10:36 AM
@McGentrix it's pretty difficult to troubleshoot this over forum posts especially when additional 3rd party components (VMware/Barracuda appliances) are included for which we don't own the code nor experience. Would it be possible to test without any of that involved using a basic infrastructure before adding proxies?
Side note: WVD doesn't use 3389 but 443 only. The VM creates an outbound 443/TCP connection into our management plane and ties the connection coming from the client.
Thanks,
Pieter
Apr 15 2020 11:06 AM
@McGentrix : Please contact as suggested VMWare to confirm this is not a bug within the management plane.
Thank you!
Apr 15 2020 11:48 AM
@PieterWigleven The issue is repeatable inside the DMZ going to local address which rules out the load balancers and any connectivity issues.
Apr 15 2020 11:52 AM
@McGentrix If this is not using VMware you can could use PowerShell to see diagnose issues: https://docs.microsoft.com/en-us/azure/virtual-desktop/diagnostics-role-service
We see this error a lot when there's a UPN mismatch between AAD and AD.
If it is VMware, we are unable to help you. Apart from the OS, the code used here is not in our control.
Apr 15 2020 12:47 PM
@PieterWigleven I am questioning now if you even read the problem I am having. Go back, read the OP and tell me how the help you are providing is helping.
Apr 15 2020 11:23 PM
@McGentrix your opening statement is "University setting, VMWare & Microsoft" so, are you using VMWare? You have also posted this question in the Windows Virtual Desktop community: are you using WVD? Is it VMWare integration with WVD; or neither?
To effectively troubleshoot your connectivity issue the best approach is to first remove all of the non-Microsoft components from the network path then re-test. Your description also suggests that you don't have an RD Gateway. Do you have all of the components required for a fully functioning RDS environment https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/desktop-hosting-logic...
Apr 16 2020 05:27 AM
@Danny Newport "You have also posted this question in the Windows Virtual Desktop community:" Well that explains it... When I started this, I was in https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/bd-p/WindowsServer
We don't even use WVD so this should not be in this community.
Apr 14 2020 07:51 PM
Solution@McGentrix hi - for VMware deployments it might be best to loop in VMware - or use their support platforms. Thanks.