Hi All,
Hope somebody have experienced and resolved this problem before. Not sure where to post.
We have a client with two gateways on their network. Gateway A 192.168.3.250 supplies all inetenet traffic and all devices and servers point to this gateway. Gateway B 192.168.3.200 is a VPN connection to two remote sites.
Users at the remote sites rdp onto the terminal server 2008 r2 at HO and prints back through gateway B VPN to the remote sites. To route remote local traffic from the TS through Gateway B we use static routes.
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.3.250 Defaul
192.168.1.0 255.255.255.0 192.168.3.200 1
192.168.2.0 255.255.255.0 192.168.3.200 1
This solution works perfectly.
Problem: We have installed a new Firewall UTM gateway device on the network, taking over the role of Gateway A. It allows controlled internet traffic and URL traffic for users through authentication. For users to get authenticated and reported on correctly all users on the Terminal server needs their own IP address. Easy, we enable IP virtualization or so we thought.
Suddenly users started losing connection on the routed traffic. After troubleshooting we found that every time a user logs off it drops the routed traffic connection for all users until the user logs back on.
You could see this happening by running a continues ping through the VPN from the remote sites to HO Tserver When the tserver user logs off the ping drops, so nobody can print. The same user logs back on then all comes up again. Very strange problem. Anyway,
to resolve we had to remove the IP Virtualization option and all routing worked fine again without dropping from the terminal server.
Does anybody know if this is a known issue and how to resolve by keeping the static routes on the Terminal Server. Next move will be to have new forewall take control of all VPN's and routing traffic. This will require quite a bit of network reconfiguration that I am trying to avoid.
Thanks Very Much
