Forum Discussion

SL
Feb 19, 2015

RDP GW Servers with APM

Hi

 

Has anyone had any success deploying the F5 to replace RDP Gateway Servers as per the following article: http://www.f5.com/pdf/deployment-guides/microsoft-remote-desktop-gateway-dg-rc1.pdf

 

I have followed the process but I am not having any luck.

 

This entry is being created when running a tcpdump: Internal error (ECA requested abort (Could not verify user (domain\admin) credentiA" peerremote

 

10 Replies

  • Sounds like you might have NTLM-related authentication issues. Are you sure you created an NTLM account for your BIG-IP, etc? What version of BIG-IP and the RDP client are you running? I'd suggest opening a support case to investigate the error.

     

    • SL
      Hi, I am on 11.6.0 HF3. RDP is the client that comes with Windows 8.1. I can see the account for the BIGIP in AD. Will get a call opened with F5.
    • phanton_109752
      Make sure the time on your F5 and your AD domain are in sync - use the same NTP server, authentication won't work correctly otherwise.
  • mikeshimkus_111
    Historic F5 Account

    Hi Sulaiman, did you use the iApp template or set up the configuration manually? We recommend the iApp for this because it greatly simplifies the APM policy configuration:

     

    https://devcentral.f5.com/wiki/iApp.Microsoft-Remote-Desktop-Gateway-APM-Gateway-iApp.ashx

     

    I concur with Michael that you should open a support case with F5. From that error, it sounds like you may have a connectivity issue with your domain controllers or a problem with the BIG-IP machine account.

     

    Mike

     

    • SL
      Hi, I tried using the iApp and manually, both giving me the same errors. I also deleted the machine account and created a new one. Will get a call logged.
  • I was under the impression that this is a hard task because the LTM and APM have a hard time with front-end NTLM. I believe they were fixing this moving forward with another version, but as for now we still have our legacy Forefront TMG proxies handling this. If you do figure this out, let me know so I can go through the same migration steps as you!

     

  • Hi everybody!

     

    I saw this subject and, because I implemented it successfully, I supposed my post fit here.

     

    So, I successfully implemented this Remote Desktop Gateway with APM. But I am facing a problem with the NTLM authentication when a user account needs a password change. Is there anyone who has a solution for this problem?

     

    Log from my APM when this problem happens: Dec 15 11:07:02 mybigip warning eca[4887]: 01620002:4: [Common] 10.10.10.10:54646 Authentication with configuration (/Common/NTLM-Auth-Conf-acces-ts-ced-RDG) result: testusr@testdomain (MYPC): Fail (STATUS_PASSWORD_MUST_CHANGE)

     

    I would like to let the user access the backend RDP server when the user needs to change his password but block it when a wrong password is used. Any idea?
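
Added example, not part of the thread or any poster's code: a triage script for `eca` NTLM failure lines in the format quoted in the last post, separating accounts that need a password change from client IPs with repeated bad-credential failures. Only `STATUS_PASSWORD_MUST_CHANGE` appears in the thread; the other NTSTATUS names, the `triage` helper, the threshold and the `192.0.2.50` sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Field layout taken from the single eca line quoted in the thread.
ECA_RE = re.compile(
    r"eca\[\d+\]: \S+ \[[^\]]+\] (?P<client>[\d.]+):\d+ "
    r"Authentication with configuration \((?P<config>[^)]+)\) result: "
    r"(?P<user>\S+) \((?P<host>[^)]*)\): Fail \((?P<status>\w+)\)"
)

# NTSTATUS names. Assumption: eca prints the ones not seen in the thread
# in the same form as STATUS_PASSWORD_MUST_CHANGE.
CHANGE_REQUIRED = {"STATUS_PASSWORD_MUST_CHANGE", "STATUS_PASSWORD_EXPIRED"}
BAD_CREDENTIALS = {"STATUS_WRONG_PASSWORD", "STATUS_LOGON_FAILURE"}


def triage(lines, threshold=3):
    """Split NTLM failures into users who need a password change and
    client IPs with at least `threshold` bad-credential failures."""
    change_users, bad_by_client, other = set(), Counter(), Counter()
    for line in lines:
        m = ECA_RE.search(line)
        if not m:
            continue  # not an eca NTLM failure line
        status = m["status"]
        if status in CHANGE_REQUIRED:
            change_users.add(m["user"])
        elif status in BAD_CREDENTIALS:
            bad_by_client[m["client"]] += 1
        else:
            other[status] += 1
    noisy = {ip: n for ip, n in bad_by_client.items() if n >= threshold}
    return {"change_required": sorted(change_users),
            "repeated_bad_credentials": noisy,
            "other": dict(other)}


HEAD = "mybigip warning eca[4887]: 01620002:4: [Common] "
CONF = ("Authentication with configuration "
        "(/Common/NTLM-Auth-Conf-acces-ts-ced-RDG) result: ")
# First entry is the line quoted in the thread; the rest are constructed.
SAMPLE = ["Dec 15 11:07:02 " + HEAD + "10.10.10.10:54646 " + CONF
          + "testusr@testdomain (MYPC): Fail (STATUS_PASSWORD_MUST_CHANGE)"]
SAMPLE += [f"Dec 15 11:08:0{i} " + HEAD + f"192.0.2.50:5000{i} " + CONF
           + f"user{i}@testdomain (PC{i}): Fail (STATUS_WRONG_PASSWORD)"
           for i in range(4)]

if __name__ == "__main__":
    print(triage(SAMPLE))
```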