Hi All, We have two sites (one in each DC). It is set up as Active/Active. We have set up DNS Round Robin to "Load Balance" the connections between each site. We are seeing issues arise whe...
See more...
Hi All, We have two sites (one in each DC). It is set up as Active/Active. We have set up DNS Round Robin to "Load Balance" the connections between each site. We are seeing issues arise where when a user authenticates the it hangs and then fails. We use RSA 2FA as well as AD login credentials to log in. I did a test from my desktop with TCPview and noticed what was happening. The initial connection gets one IP. I enter the RSA details, but then when it comes back with the AD Credentials it created another connection to the other DNS entry in the Round Robin DNS. as a result the login times out and fails and the connection drops Has anyone seen this type of behavior and possibly know how to stop the client from re-requesting DNS resolution and just keep the initial resolution it got. This does not happen all the time, but it happens enough for users to get annoyed and start complaining. The times when the user is able to log in, on most occasions it just works and there are no issues, but we have also seen when users who are using published Apps and then decide to open a Desktop, then the whole session fails. I think this is a result of the client trying to send the connection down the other resolved IP (as it probably decided to resolve the Access point URL again) We are running 7.12 and UAG 3.9 Thanks in advance