Connectra SSL Extender issue

[jgahan1978]

Hi all,

I have about 12 LDAP user groups setup. They all work. I am creating a new group setup exactly like the others. Once the user logs in from the new LDAP group, they can get to any web links, the SSX starts up, but they can not get to any of the network apps there. For my example below I will be using RDP (3389) I was doing some testing, moving the user around to different groups, and this is what I found:

When using in a working LDAP group, I see two packets.
1. Accept - Source=connectra, port=3389, destination=server
2. Accept - Encrypt packet - Source=client ssx ip, port=3389, destination=server

When using in the new LDAP group, I only see one packet
1. Drop - Source=client ssx ip, port=3389, destination=server

For some reason it is not sending first packet from webvpn to setup the encryption. Any ideas? I have a ticket in with tech support, with still no luck. This happened earlier today, and all I had to do was delete the group and re create, but unfortunately, that is not working this time.

Thanks.

Jeff
CCSA, CCSE

[jgahan1978]

Another interesting thing that I found. When I can't log in, I will console in and run a cvpnrestart on the connectra box. After doing this I can log in. Does anyone know what else I can check. It must be something that gets restarted that is causing the problems.

Thanks.