No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


The firewall causes the virtual desktop can’t deliver normally

Publication Date:  2012-11-22 Views:  77 Downloads:  0
Issue Description
XXX client has used the FI 945 with the version of XPE in the office site, in order to avoid there are two Windows interfaces while using the desktop cloud and influencing the user’s experience, they determine to replace the FI 945 operating system as to Linux, and after replacing the TC’s operating system version, in the WI, the user who could use the desktop cloud in the original version enter the user’s name and password, and then click “login” but can’t enter into the VM desktop.  
Alarm Information
The user stays in the WI interface for a long time, and then there appears a prompt displaying: the network connection is interrupted, please try again later.
There isn’t any alarm in the DDC

Handling Process
1. In the FI 945TC with the version of Linux, through “ping” to test the WI, DDC, AD, SQL Server and they are all reachable.
2. Additionally, take a FI 945 TC with the version of XPE to connect to the same network interface, and configure as the same IP address, use the same account to login in the WI and can enter in the desktop normally.
3. Replace the FI945 TC back to the Linux version, and connect to the same network, configure as the same IP, and then use the same account to login in the WI, but still can’t enter in the VM desktop normally.
4. Check the data path from the TC to the cloud computing data center, refines to each network device, we find there is a security firewall in the core switch in this office building.
5. Take a FI945 TC with the version of Linux to connect with each network device for test, we find it can normally display once the TC connects the network which is out of the security firewall.
6. Login in the firewall via the client, capture the configuration and we find it hasn’t configured any security strategy. The client introduce the firewall isn’t useful except that connects in the network via the transparent mode, and it doesn’t impact the network’s route. Hence, we suggest them remove it directly.
7. After removing the firewall, the entire Linux version TC in the office area can login in the VM desktop normally.

Root Cause
Firstly, we guess the possible reasons of the desktop can’t deliver are as followed:
1. The network between the TC and the WI is not reachable, or there is the security strategy of forbidding the necessary port of implementing the desktop deliver.
2. The components of the desktop infrastructure of the DDC and DVA have failures.
3. The problem of the AD domain and SQL Server.

The condition of this case is particular, and all the other conditions are nearly consistent, only the TC’s operating system has difference, and then causes the VM’s desktop can’t deliver, meanwhile there isn’t any security strategy in the firewall, and finally we avoid the problem by removing the firewall. After consideration, we think it may be the capacity of the Linux TC’s encapsulation data packages is different with the one of the XPE TC’s, and causes the Linux TC’s encapsulation data package has been discarded because its capacity is over the firewall port’s default value, and finally causes the VM desktop can’t been delivered.