Created on 05-26-2020 02:40 AM Edited on 05-26-2022 08:58 AM By Anonymous
Description
This article describes how to access server farm via RDP over SSL VPN Web mode and the Fortinet FortiADC using round robin as load balancing method.
Solution
Network topology.
# diagnose sniffer packet any "host 20.20.20.20 and port 3389" 4From the FortiADC GUI, monitor this connection with virtual server and destination address.
interfaces=[any]
filters=[host 20.20.20.20 and port 3389]
22.599973 port2 out 20.20.20.1.7267 -> 20.20.20.20.3389: syn 1190583404
22.605683 port2 in 20.20.20.20.3389 -> 20.20.20.1.7267: syn 3383112461 ack 1190583405
22.605714 port2 out 20.20.20.1.7267 -> 20.20.20.20.3389: ack 3383112462
22.605940 port2 out 20.20.20.1.7267 -> 20.20.20.20.3389: psh 1190583405 ack 3383112462
22.612467 port2 in 20.20.20.20.3389 -> 20.20.20.1.7267: psh 3383112462 ack 1190583448
22.612493 port2 out 20.20.20.1.7267 -> 20.20.20.20.3389: ack 3383112473
…..
# diagnose debug flow filter clear
# diagnose debug flow filter addr "20.20.20.20" <----- The virtual servers IP address.
# diagnose debug enable
# diagnose debug flow trace start 3
# id=20085 trace_id=7 func=print_pkt_detail line=5519 msg="vd-root:0 received a packet(proto=6, 20.20.20.1:7272->20.20.20.20:3389) from local. flag [S], seq 2200022367, ack 0, win 42340"
id=20085 trace_id=7 func=init_ip_session_common line=5684 msg="allocate a new session-00001c35"
id=20085 trace_id=8 func=print_pkt_detail line=5519 msg="vd-root:0 received a packet(proto=6, 20.20.20.20:3389->20.20.20.1:7272) from port2. flag [S.], seq 198986456, ack 2200022368, win 64000"
id=20085 trace_id=8 func=resolve_ip_tuple_fast line=5599 msg="Find an existing session, id-00001c35, reply direction"
id=20085 trace_id=8 func=vf_ip_route_input_common line=2591 msg="find a route: flag=84000000 gw-20.20.20.1 via root"
id=20085 trace_id=9 func=print_pkt_detail line=5519 msg="vd-root:0 received a packet(proto=6, 20.20.20.1:7272->20.20.20.20:3389) from local. flag [.], seq 2200022368, ack 198986457, win 6"
id=20085 trace_id=9 func=resolve_ip_tuple_fast line=5599 msg="Find an existing session, id-00001c35, original direction"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.