RDP and WAAS

I'm using 2X ApplicationServer for Windows Terminal Server. It uses port 81 to connect to the Application server and then RDP 3389 to the Terminal Servers from the Application server. I have added a diagram to review.
I have added a policy to Optimize (TFO Only) for port 81 to accelerate the connection between a client and the app server (App server and Terminal Server farm).
Is this the best way to optimize RDP? The RDP policy (MS-Terminal-Services) appears to be TFO only by default, but does anyone compress (DRE and/or LZ) any of this for further acceleration? Is this possible?
The reason I ask is because we have several people in remote offices trying to view pictures and mapping software, which can get quite "laggy" over an RDP session at times.
Thanks,
David

Thanks for the info, Zach. I did some searching and indeed did find you stating this in the posting.
I am Windows Server 2003 R2 and Windows XP. However, by using the 2X application, it appears that the clients connect to the broker server on port 81 and then the broker server connects through RDP to the back-end terminal servers.
I am not sure how to put a policy in for this end-to-end level of connectivity, but for now I have added a policy to use TFO between clients and the broker server via port 81.
Thanks for the help,
David

Similar Messages

  • A problem with RDP when WAEs was connected to the network

    The customer has a problem with RDP sessions on one Microsoft cluster server. The problem started when the WAEs (management and acceleration WAEs) are connected to a network (where a cluster is connected). Did anybody have the similar problem? The sessions are connected, but after some different times these sessions are frozen. This problem is only with this Microsoft cluster, the RDP on other servers are good. The WAAS is 4.0.17b14.

    Hi,
    I have the same problem as I write. RDP seems to get slower when I connect the WAEs and the login timesout before the user can type the username and password.
    I have ensured that "EPM Classification" is disbled.
    Check and see if Term-services are well configured on the TS server side. Maybe some config is conflicting with WAAS TS optimization.
    What happens when you set TS to passthrough?
    Also try this for your case;
    " HOW-TO: Configuring RDP and Terminal Services for Full WAAS Optimization
    Microsoft RDP and Terminal Services are, by default, compressed and encrypted. As such, the default Cisco WAAS policy for these applications is to apply TCP optimizations only. RDP and Terminal Services can be configured to allow Cisco WAAS to provide full optimization (DRE, LZ, TFO) which is a 2X-10X improvement over native WAN and 2X-3X improvement over the compression provided by Microsoft.
    Configuring Microsoft RDP and Terminal Services to support Cisco WAAS full optimization requires a change to the client and a change to the server.
    On the client, disable compression by editing the .RDP file for the connection using Notepad or a similar text editor. Identify a line in the file that shows "compression:i:1". Modify this line to say "compression:i:0". This disables compression for the RDP/TS connection.
    On the server, open the Terminal Services Configuration found under Start > Programs > Administrative Tools. From here, expand Terminal Services Configuration to Connections. Double-click the "RDP-Tcp" entry found in the workspace. Change the encryption level to "Low", which specifies that only login will be encrypted. Then, click "Ok" and close Terminal Services Configuration.
    Then, modify the Cisco WAAS policy on the configured device group (or explicitly on each of the WAEs) called "MS-Terminal-Services". Set this policy to "Optimize Full". "
    Anyone out there with a clue why RDP gets disconnected?

  • CRL errors in RDP and others

    I've been trying for a couple of days now to troubleshoot revocation list errors in RDP and broken chain problems in VCenter server. I'm sure it's a misconfiguration on the enterprise subordinate CA, but I cannot find out where.
    I've read many other posts and solutions on this forum, but no resolve yet.
    We have an offline standalone Root CA running Windows Server 2012 R2 Standard, and a Domain joined subordinate CA.
    Creating the template and issuing the RDP certs works fine, but upon connection we get a
    "a revocation check could not be performed for the certificate" for internal domain joined clients. Creating certificates for VCenter server also squawks about a broken chain.
    Maybe cert chain is still looking for the RootCA to be online?
    The AIA and CDP locations are http, and reachable from the client. If anyone can help, here is the output from the certutil -verify command from one of the many affected clients:
    C:\temp>certutil -f -urlfetch -verify temp2.cer
    Issuer:
        CN=VSHQECA-SUB-CA
        DC=contoso
        DC=net
    Subject:
        EMPTY (DNS Name=VSHQSPICE.contoso.net)
    Cert Serial Number: 2c000003c02851996be18a72270002000003c0
    dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1)
    dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2)
    dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8)
    dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
    dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
    ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000)
    HCCE_LOCAL_MACHINE
    CERT_CHAIN_POLICY_BASE
    -------- CERT_CHAIN_CONTEXT --------
    ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
    ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
    SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
      Issuer: CN=VSHQECA-SUB-CA, DC=contoso, DC=net
      NotBefore: 05/22/2014 11:26 PM
      NotAfter: 05/22/2015 11:26 PM
      Subject:
      Serial: 2c000003c02851996be18a72270002000003c0
      SubjectAltName: DNS Name=VSHQSPICE.contoso.net
      Template: contosordpCertificate
      bc 41 e9 95 b9 df fe f2 46 87 55 ec 94 84 ff d1 3f b3 00 6d
      Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
      Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
      ----------------  Certificate AIA  ----------------
      No CRL "Certificate (0)" Time: 4
        [0.0] http://vshqeca-sub.contoso.net/CertEnroll/VSHQECA-SUB.contoso.net_VS
    HQECA-SUB-CA(2).crt
      ----------------  Certificate CDP  ----------------
      Expected Base CRL "Delta CRL (43)" Time: 4
        [0.0] http://vshqeca-sub.contoso.net/CertEnroll/VSHQECA-SUB-CA(2).crl
      ----------------  Certificate OCSP  ----------------
      No URLs "None" Time: 0
      Application[0] = 1.3.6.1.4.1.311.54.1.2 Remote Desktop Authentication
    CertContext[0][1]: dwInfoStatus=102 dwErrorStatus=40
      Issuer: CN=VSRMSRootCA
      NotBefore: 03/26/2014 2:27 PM
      NotAfter: 03/23/2024 1:02 PM
      Subject: CN=VSHQECA-SUB-CA, DC=contoso, DC=net
      Serial: 5200000005b0d119bfff437395000000000005
      Template: SubCA
      08 8b cf eb c2 21 5f 4a 75 63 87 34 4b c0 29 bf 14 2b c9 fa
      Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
      ----------------  Certificate AIA  ----------------
      No URLs "None" Time: 0
      ----------------  Certificate CDP  ----------------
      No URLs "None" Time: 0
      ----------------  Certificate OCSP  ----------------
      No URLs "None" Time: 0
      Issuance[0] = 1.2.3.4.1455.67.89.5
    CertContext[0][2]: dwInfoStatus=10c dwErrorStatus=0
      Issuer: CN=VSRMSRootCA
      NotBefore: 03/23/2014 12:52 PM
      NotAfter: 03/23/2024 1:02 PM
      Subject: CN=VSRMSRootCA
      Serial: 15630f00af95e2a74e493d40cfa5bb62
      15 b9 31 47 68 66 ed 51 a3 ae db 78 14 41 e4 47 c3 fe 67 33
      Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
      Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      ----------------  Certificate AIA  ----------------
      No URLs "None" Time: 0
      ----------------  Certificate CDP  ----------------
      No URLs "None" Time: 0
      ----------------  Certificate OCSP  ----------------
      No URLs "None" Time: 0
      Issuance[0] = 1.2.3.4.1455.67.89.5
    Exclude leaf cert:
      46 d2 e8 24 8f d5 4e 9b 8b d5 d5 9a 4b 1f 2d 62 1c 00 69 e7
    Full chain:
      65 ce 56 db 3c 65 6f f5 a7 6a 39 23 03 bb ee fd 9f 15 c5 00
    Verified Issuance Policies: None
    Verified Application Policies:
        1.3.6.1.4.1.311.54.1.2 Remote Desktop Authentication
    ERROR: Verifying leaf certificate revocation status returned The revocation function was unable to check revocation because the revocation server was offline. 0
    x80092013 (-2146885613)
    CertUtil: The revocation function was unable to check revocation because the revocation server was offline.
    CertUtil: -verify command completed successfully.
    Many thanks in advance...
    B
    B

    Here's the output of the getreg ca command. I didn't know about that one...
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\VSHQE
    CA-SUB-CA:
    Keys:
      CSP
      EncryptionCSP
      ExitModules
      PolicyModules
    Values:
      DSConfigDN               REG_SZ = CN=Configuration,DC=contoso,DC=net
      DSDomainDN               REG_SZ = DC=contoso,DC=net
      ViewAgeMinutes           REG_DWORD = 10 (16)
      ViewIdleMinutes          REG_DWORD = 8
      CAType                   REG_DWORD = 1
        ENUM_ENTERPRISE_SUBCA -- 1
      UseDS                    REG_DWORD = 1
      ForceTeletex             REG_DWORD = 12 (18)
        ENUM_TELETEX_AUTO -- 2
        ENUM_TELETEX_UTF8 -- 10 (16)
      SignedAttributes         REG_MULTI_SZ =
        0: RequesterName
      EKUOIDsForPublishExpiredCertInCRL REG_MULTI_SZ =
        0: 1.3.6.1.5.5.7.3.3 Code Signing
        1: 1.3.6.1.4.1.311.61.1.1 Kernel Mode Code Signing
      CommonName               REG_SZ = VSHQECA-SUB-CA
      Enabled                  REG_DWORD = 1
      PolicyFlags              REG_DWORD = 0
      CertEnrollCompatible     REG_DWORD = 0
      CRLEditFlags             REG_DWORD = 100 (256)
        EDITF_ENABLEAKIKEYID -- 100 (256)
      CRLFlags                 REG_DWORD = 2
        CRLF_DELETE_EXPIRED_CRLS -- 2
      InterfaceFlags           REG_DWORD = 641 (1601)
        IF_LOCKICERTREQUEST -- 1
        IF_NOREMOTEICERTADMINBACKUP -- 40 (64)
        IF_ENFORCEENCRYPTICERTREQUEST -- 200 (512)
        IF_ENFORCEENCRYPTICERTADMIN -- 400 (1024)
      EnforceX500NameLengths   REG_DWORD = 1
      SubjectTemplate          REG_MULTI_SZ =
        0: EMail
        1: CommonName
        2: OrganizationalUnit
        3: Organization
        4: Locality
        5: State
        6: DomainComponent
        7: Country
        8: UnstructuredName
        9: UnstructuredAddress
        10: DeviceSerialNumber
      ClockSkewMinutes         REG_DWORD = a (10)
      LogLevel                 REG_DWORD = 3
      HighSerial               REG_DWORD = 2c (44)
      CAServerName             REG_SZ = VSHQECA-SUB.contoso.net
      ValidityPeriod           REG_SZ = Years
      ValidityPeriodUnits      REG_DWORD = 5
      KRACertHash              REG_MULTI_SZ =
      KRACertCount             REG_DWORD = 0
      KRAFlags                 REG_DWORD = 0
      CRLPublicationURLs       REG_MULTI_SZ =
        0: 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8.crl
        CSURL_SERVERPUBLISH -- 1
        CSURL_SERVERPUBLISHDELTA -- 40 (64)
        1: 6:http://vshqeca-sub.contoso.net/CertEnroll/%3%8%9.crl
        CSURL_ADDTOCERTCDP -- 2
        CSURL_ADDTOFRESHESTCRL -- 4
        2: 10:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10
        CSURL_ADDTOCERTCDP -- 2
        CSURL_ADDTOCRLCDP -- 8
      CRLPeriod                REG_SZ = Weeks
      CRLPeriodUnits           REG_DWORD = 2
      CRLOverlapPeriod         REG_SZ = Hours
      CRLOverlapUnits          REG_DWORD = 0
      CRLDeltaPeriod           REG_SZ = Days
      CRLDeltaPeriodUnits      REG_DWORD = 1
      CRLDeltaOverlapPeriod    REG_SZ = Minutes
      CRLDeltaOverlapUnits     REG_DWORD = 0
      CAXchgValidityPeriod     REG_SZ = Weeks
      CAXchgValidityPeriodUnits REG_DWORD = 1
      CAXchgOverlapPeriod      REG_SZ = Days
      CAXchgOverlapPeriodUnits REG_DWORD = 1
      MaxIncomingMessageSize   REG_DWORD = 10000 (65536)
      MaxIncomingAllocSize     REG_DWORD = 10000 (65536)
      CACertPublicationURLs    REG_MULTI_SZ =
        0: 2:http://vshqeca-sub.contoso.net/CertEnroll/%1_%3%4.crt
        CSURL_ADDTOCERTCDP -- 2
        1: 0:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt
        2: 2:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11
        CSURL_ADDTOCERTCDP -- 2
      RequestFileName          REG_SZ = C:\VSHQECA-SUB.contoso.net_contoso-VSHQECA
    -SUB-CA%4.req
      SetupStatus              REG_DWORD = 1
        SETUP_SERVER_FLAG -- 1
      Security                 REG_BINARY =
        Allow CA Administrator      BUILTIN\Administrators
        Allow Certificate Manager   BUILTIN\Administrators
        Allow CA Administrator      contoso\Domain Admins
        Allow Certificate Manager   contoso\Domain Admins
        Allow CA Administrator      contoso\Enterprise Admins
        Allow Certificate Manager   contoso\Enterprise Admins
        Allow Enroll        NT AUTHORITY\Authenticated Users
      CACertHash               REG_MULTI_SZ =
        0: 1e 0a 6c ad 0f 76 07 df 06 93 fc 06 8b cc 08 4e 19 1b 71 0f
        1: 28 22 a0 83 65 b4 28 cf d1 fc 80 ab 1d 47 51 67 60 30 f4 ff
        2: 08 8b cf eb c2 21 5f 4a 75 63 87 34 4b c0 29 bf 14 2b c9 fa
        3: 82 2b 18 53 70 52 57 8b 5c a4 01 a2 07 be 35 7a ba 4e 34 b1
      CRLDeltaNextPublish      REG_BINARY = 05/24/2014 6:59 PM
      CRLOverlapPeriodUnits    REG_DWORD = c (12)
      RequestKeyIndex          REG_DWORD = 2
      RequestKeyContainer      REG_SZ = VSHQECA-SUB-CA(2)
      CRLNextPublish           REG_BINARY = 06/06/2014 6:59 PM
      CAXchgCertHash           REG_MULTI_SZ =
        0: ef 91 d7 19 22 95 69 6f 79 e2 8d ad 80 55 b4 6c 78 ca fa 73
        1: ba 37 08 cd fc cc b9 b6 c9 08 dc 55 e5 fb 0e 3e c4 bc 60 57
        2: fd 9b 26 91 d3 5a 9f c0 f5 26 47 74 2f 7e 85 28 78 6f 1c 4c
        3: da de 90 50 73 51 ee d9 10 3b e4 94 6a a3 5f 9c 71 81 9b 1c
        4: 52 19 e2 b5 ab 73 1c 75 86 7f 1d ad ec c7 38 ff c8 81 2d f4
    CertUtil: -getreg command completed successfully.
    New screengrab of pkiview coming right up...
    B

  • RV220W RDP and WAN

    I have setup portforwarding on the RV220W, to allow outside connections on RDP. I have tested that LAN RDP works fine, but when I test using an outside address trying to connect to an inside windows PC with RDP nothing happens.
    I was wondering if anyone could give me any advice on where I might be going wrong.
    I have created the Service RDP
    Thanks

    tbh i hope you couldn't ping you inside PCs that would be leaving your network wide open to hackers.  are you behind any company proxy at work perhaps? or just one a normal ISP connection?  when port forwarding your PCs will need static IPs or static DHCP assigned IPs.
    Really, if you are able, i would setup the SSL VPN. then you browse to your routers external IP address as usual but enter your SSLVPN user account (not the Cisco Admin account), this will then give you a SSL VPN Tunnel issuing you an internal IP address and thus allowing you to access local network shares/PCs etc (without port forwarding) and is much safer then opening RDP and other ports to the world.
    this is what I do to access my NAS Services from work to home.
    there are known issues with the latest Java and Mac Books but there is a workaround stated in the latest firmware release notes.

  • How can integrate IPS and WAAS???

    I have been working a lot with troubles to integrate an IPS 4240 in my WAAS plataform. A lot of signatures comes up when I have actived IPS. I found out some tips about disabled specific signatures and install the appliance in IDS mode.
    ¿Anybody known how i can conduct a transparently integration with these technologies?

    When the IPS sensor is placed outside of the optimization path, then both IPS and WAAS will work well. The IPS sensor blocks the TCP option 21 that WAAS uses to initiate the WAAS setup. The IPS sensor cannot handle the sequence number manipulation that WAAS currently uses. It's outside the RFC and the sensor will block those packets by default.

  • ACS issues in large scale network with Prime Infra and WAAS express

    Hi,
    I wonder if there is a common practice or a recommended way for deploying large scale network where there are Prime Infrastructure (PI) and WAAS Central manager keep logging into routers (scale of 1000 or more) to collect statistics. The way PI and WAAS CM collect stats from the routers (besides using SNMP) is that they log in (authenticate) themselves with there usernames and password and issue multiple show and config commands on the routers. Imagin this routine happens every 5 - 10 minutes with all 1000+ routers at the same time and the impact to the ACS server in terms of authentication requests and AAA logs. Appreciate if somebody could recommend a solution where these elements can work together in a large scale network.
    Thanks,
    Tos

    The AEBS is connected to the TC via an ethernet run from the basement to the main floor... its not connected wirelessly.
    The "extend" feature is intended for wireless, not wired connections. Since you have the base stations connected by Ethernet, the downstream router just need to be reconfigured as a bridge. The bridged router would then perform as a combination Wireless Access Point and Ethernet switch. Neither base station should be configured for "extending."
    Basically, you will want both to be configured for a "roaming" network.
    o Setup the base station connected to the Internet to "Share a public IP address."
    Internet > Internet Connection > Connection Sharing: Share a public IP address
    o Setup the remaining base station(s), as a bridge.
    Internet > Internet Connection > Connection Sharing: Off (Bridge Mode)
    For each base station in the roaming network:
    o Connect to the same subnet of the Ethernet network
    o Provide a unique Base Station Name
    o The Network Name should be identical
    o If using security, use the same encryption type (WEP, WPA, etc.) and password.
    o Make sure that the channel is set at least three channels apart from the next base station.
    while the TC is running at 2.4ghz since my MBP is connected at speeds around 240 to the AEBS at the same time that my ipod is connected to the TC at speeds of only 54 max.
    The iPod is a 802.11b/g wireless device. It cannot connect at greater than the maximum bandwidth for that mode ... which is 54 Mbps, regardless of the bandwidth available.

  • Topology changed and WAAS caused traffic interuption

    We have 2 sites that connected via point to point circuits.  These sites have 3 WAE's @ each location.  The ingress vlan @ each site of the point to point ciruits is using ip wccp 62 redirect in.  The svi's on the 6500's that house the users/servers have ip wccp 61 redirect in.  Each of these sites have host ports to an MPLS cloud that contains other datacenters that don't currently have WAE's installed.  Normal flow of traffic between those sites is directly to Site A or B, the interface that they enter the core 6500's is the same vlan that contain the 62 redirect.  When all connectivity is good the traffic from one of the sites to either Site A or B is not affected by the waas due to the fact that there isn't a pair involved in the flow.  Yesterday there was a major outage for our MPLS carrier and traffic began to take a path through A to get to B.   Example:
    Client---->SiteA Core 6500 Vlan interface with 62 in---->POINT to POINT----->SiteB Core 6500 Vlan interface with 62 in---Site B SVI with 61 in
    Client could ping resource fine but could't pull up shares or create an ODBC connection.
    From what I can tell Site A does have a "matching" 61 and 62 flow for connection but SiteB does. 
    We are using ACL's for WCCP but not sure they are correct, ie they are the same for both 61 and 62.  From what I understand 61 is based on source address while 62 is base on destination, is this only for load balancing across multiple WAE's?  Does any have a recomendation or thought on why this would have broke during the rerouting of traffic?  I would also like some input on how to utilize the ACL's correctly.  Should each site specific ACL's that are the inverse of each other, ie:
    Site A
    ip access-list extended WAAS_Traffic_61
    permit ip 192.168.0.0 0.0.0.255 any
    ip access-list extended WAAS_Traffic_62
    permit ip  any 192.168.0.0 0.0.0.255
    Site B
    ip access-list extended WAAS_Traffic_61
    permit ip 192.168.1.0 0.0.0.255 any
    ip access-list extended WAAS_Traffic_62
    permit ip  any 192.168.1.0 0.0.0.255
    where 192.168.0.0/24 resides @ Site A and 192.168.1.0/24 resides @ Site B.
    Thanks,
    Joe

    Hi Zach
    I have implement this scenario and WAAS is performing optimization. I only need to optimize two sites that connect trough VPN, so I'm using WCCP only on Server VLAN and VPN VLAN that receive the remote users connections.
    So, when I look to "sh stat conn" I see many PT Asymmetric connections.
    I have disable EPM Accelerator cause I have read about EPM Accelerator does not work with Asymmetric Routing and also cause I had Microsoft access problem with one user VLAN that has WCCP command on it.
    I need enable EPM Accelerator because MAPI accelerator needs it to work fine.
    My doubts are:
    I have many VLANs at Central Site that does not need optimize and that WAE Core are handling. Can I include this networks in a passtrough policy?
    How can I identify the cause of Asymmetric to enable EPM Accelerator? I can see that the same connection is being see in two directions like bellow:
    10.25.48.57:80 172.0.0.59:1973 N/A PT Asymmetric
    172.0.0.59:1973 10.25.48.57:80 N/A PT Asymmetric
    Is it normal I have MS-EndPointMapper between two internals VLANs, that are not in the WAAS path?
    Thanks for help

  • Strange problem with RDP and mouse, only solved after minimize/maximize

    Good day,
    We have this very annoying problem with a RDP Terminal Server. It is Windows Server 2008 R2 SP1.
    This server has the Session Host role installed, with local RDP user licenses.
    We only have this issue when running a certain application.
    This application is called Rockwell FactoryTalk View and this in an application to display industrial processes.
    It will take the Full Screen in a fixed resolution and will display buttons, objects, values... The application also uses Internet Explorer cache so I think it uses ActiveX, Flash or Java, I don't know.
    What sometimes happens is this:
    - The mouse point is able to move in the entire screen (good)
    - The mouse button will only work in 1 certain area of the screen (which is a small rectangle)
    - The mouse "hovering" above objects will also only highlight items that are in this rectangle
    - The keyboard remains functional and with alt-tab other objects or other applications can get focus, but still no mouse clicking
    The problem can be solved by:
    - Minimizing the RDP window and maximizing it again
    - Or: Sending a message to the session using task manager, after clicking "OK" on that message the problem is gone
    Normally, about 5 users will have this application opened in their session, the "crash" is only effecting 1 session.
    The problem seems to happen randomly and we don't know if we should point to the FactoryTalk application, or to Terminal Services/RDP. The end users have no rights to minimize/maximize, this is not the solution. 
    Is it possible to have any input on this please?
    Thank you.

    Hi,
    Thank you for posting in Windows Server Forum.
    Firstly please check with the application support team whether the application is fully supported by Windows Server 2008 R2 in remote session. In addition, suggest you to update the client RDP version to RDP 8.1 and check the result for better feature and functionality. 
    Apart from this, there is Hotfix for the issue. Please download, install and check the result.
    Cause:
    The issue occurs because the remote desktop ActiveX object does not deactivate the focus of the remote desktop session when the focus is lost. Because the focus is still activated, the remote desktop ActiveX object cannot set the focus of the remote desktop
    session again when you change the focus back to the session.
    A remote desktop session does not respond to keyboard input or mouse input after it loses the focus in Windows 7 or in Windows Server 2008 R2
    http://support.microsoft.com/kb/2579381
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • RDP and Java not playing well together

    I have a Windows 8.1 Pro machine set up for RDP that connects to a field device network. The field network is not accessible from the Internet, so the only method I have to connect to the field devices is RDP through the machine. The devices use
    Java for their GUI. When I log onto one of the devices in the field via RDP, the amount of memory Java uses goes up and stays up. Every time I log onto a field device, the memory usage goes up and stays up to the point if I hit 25 or so field devices, I get
    an Out of Memory error and Java shuts down the main application running on the machine. However, if I log onto the devices directly from the machine, not using RDP, the amount of memory Java uses doesn't go up. The machine has 6Gb of RAM, rebooting it is the
    only way to clear out the memory, which gets it back down to a more normal 14%. 
    Any ideas? 

    Hi,
    What is the result if we connect to a normal Windows system via RDP? We should first find out whether this is a RDP side issue or a JAVA issue.
    And for high memory issue, we have a tool named RAMMap to view the detailed memory usage
    RAMMap
    http://technet.microsoft.com/en-us/sysinternals/ff700229.aspx
    Introduction to the new Sysinternals tool: RAMMap
    http://blogs.technet.com/b/askperf/archive/2010/08/13/introduction-to-the-new-sysinternals-tool-rammap.aspx
    Regards
    Yolanda Zhu
    TechNet Community Support

  • RDP and JAVA (SLOW ON TYPING AND SCREEN BUILD)-CTRL-ALT-END-ESC speeds up

    Any news what's the problem in a 2003 environment?
    Only after using the CTRL-ALT-END-ESC combination things are speeding up.
    We've got following installed on the server:
    JNLP Runtime Setiings
    1.3.1_19
    1.5.0_06
    Both enabled and 1.5.0_06 is enabled as system.
    Tried different combination and this seems to be the fastest, but still not good enough,if you launch it locally on theserver, it goes very fast,so it has someting to do with RDP,
    Any help?
    Greetings,
    Dre

    What's the problem with what? 'It' being what? and RDP having what to do with it?
    Just curious ... call me old-fashioned.

  • WRV54G using HP's RDP and PXE

    I have a WRV54G that replaced an older Linksys Product.  All my devices on my LAN get DHCP address but two (they are serves).  On my LAN I use a product from HP called RDP (Altiris Deployment Solution).  What this allows is PC’s can PXE boot using the NIC and I can use HP RDP to push OS’s / Applications to them.  With this new WRV54G when a PC tries to PXE boot it fails to get an IP from this device and fails.  But my entire Window based PC’s get a DHCP address from this device when they boot.  Any idea why when a NIC tries to PXE (broadcast for a DHCP IP, at the NIC level) it fails to get an address?  Is there an option in the setup that needs to be enabled for this to work?  BTW one the device gets the IP it then broadcasts for a PXE server which I have on the LAN.  Also again my older Linksys made all this work just fine.
    Thanks
    Tommy

    Thanks for the reply,
    I have the DHCP enabled and all the systems with OS's loaded get one of 100 address in the pool.  ( I only have 10 systems on line)  The one's that I PXE or NIC boot will not get a DHCP address they broadcast for one, but none is given.  I still have lots of address left and have a short lease duration.  I can see the network traffic (somewhat) and see the DHCP request, but I don't see the reply.  Is there some option that may have to do with BOOTP or some thing like that???
    Thanks
    Tommy

  • High circuit utilization and WAAS

    We have been experiencing some issues that I think are related to the WAAS and need opinions and advice on how to resolve.
    We are running the latest 4.1.1c code on all WAEs and are running in the new AO mode (not file services in legacy mode).
    At our data center (where the servers are) we have a 9mbps circuit connecting it to the MPLS cloud. At some of our remote sites (where the users are) we have T1s and fractional T1s. Almost daily we are seeing cases where a single connection is consuming all of the bandwidth at the remote sites. This is typically only for a defined period of anywhere from 10 minutes to an hour and can be traced to particular activity like copying a large files, etc. Before the WAAS was implemented we wouldn't see cases where a single operation could consume literally 100% of the bandwidth and I wonder if the core WAAS (at the data center) could be over utilizing the bandwidth since the core has 9mbps available.
    The problem is that when this occurs, it affects everyone else on the circuit since the circuit is slammed. Most of our users use terminal server connections and theses are greatly affected when all of the bandwidth is consumed. We have given the terminal server connections a higher priority inside the WAAS (through policy prioritization) and setting the DSCP marking to af21(18). We have even tried QOS on the routers but the condition occurs on a regular basis.
    Please help!
    David

    See the attached. It provides a very good overview. Is the adaptive buffering enabled?
    If not, either way a TCP window of 512K allwos the WAE to burst segments upwards to 512Kbytes. You want to be able to utilize the link to maximum capacity to compensate for latency. Howeve rif smaller apps are being choked then need to be adjusted. I am suprised that Q0S on the router had little effect ont he smaller traffic sessions.

  • Deframe, app launcher, RDp and window size!

    Hi all
    I am testing delivering apps running on a TS 2000 box via the app launcher,
    using RDP. I have ZENworks for Desktops Version 4.0.1. Is it possible to
    control the size (and other parameters) of the RDP session? As it stands the
    default box is 640 x 480 with no scaling allowed, ICA has this option but
    nothing obvious for RDP.
    Regards
    Neil

    Thanks for the reply.
    It seemd that custom parameters are passed to mstsc so it doesn't read the
    config. Can't find any way to pass a window size etc to the exe :(
    Neil
    >>> On 15/01/2008 at 11:31, in message
    <[email protected]>, Anders
    Gustafsson<[email protected]> wrote:
    > Neil,
    >> I am testing delivering apps running on a TS 2000 box via the app
    > launcher,
    >> using RDP. I have ZENworks for Desktops Version 4.0.1. Is it possible to
    >> control the size (and other parameters) of the RDP session? As it stands
    > the
    >> default box is 640 x 480 with no scaling allowed, ICA has this option
    > but
    >> nothing obvious for RDP.
    >>
    > Cannot remember for 4.x but you can always cheat and fire of mstc.exe
    > with
    > parameters or an rdp file.
    >
    > - Anders Gustafsson (Sysop)
    > The Aaland Islands (N60 E20)
    >
    > Discover the new Novell forums at http://forums.novell.com
    >
    > Novell does not monitor these forums officially.
    > Enhancement requests for all Novell products may be made at
    > http://support.novell.com/enhancement

  • Cisco ASR 1006 and WAAS

    Hi,
    Is there any built-in WAAS and NME features or services in Cisco ASR 1006? Or is there any WAAS or NME module that can be installed in Cisco ASR 1006? I found that for Cisco ISR 1900, 2900, and 3900, WAAS and NME services can be enabled by installing SRE and NME module. But can't find any information for Cisco ASR 1006.
    Really appreciate your help.
    Thanks

    Hi Marvin
    There is no option for this.
    on the 4510 the only options under the interface are
    speed nonegotiate or no speed nonegotiate (for auto)
    Similarly on the ASR no negotiation auto or negotiation auto. setting each device to auto/manual or manual/auto has no effect on the ASR port - its still down
    Cheers

  • Config. recommended for MDS9216 and WAAS 7341

    Hello,
    i am testing for a customer datacenter replication with 2 MDS 9216i with Hitachi storage in each site. A WAN emulated with WAN BRIDGE with 155MB and delay 220ms. I have WAAS in each site.
    Can you tell me the best recommendation to achieve the best performance ?? i am using WAAS in replication-acceleration mode.
    Thanks and regards.
    Leo.

    Thanks so much for your response.
    yes, i am using 2 7341 with inline card from demo depot.un fortunally one 7341 has hardware problem then we are replace it by a 7326. we change to application acceleration with software version 4.1.3.b
    i think the waas is working goog but my customer need more performance. we are using WAN-BRIDGE to emulate 155 mbps with 220 ms delay and we found that his performance goes down each day needing reboot.
    Do you know any other application to emulate the wan ?
    thanks so much again.
    Leo.

Maybe you are looking for