One TS gateway server logon slow

[chicagotech]

Hi have a really strange problem. I have two 2008 TS GW servers which are part of farm and balanced using DNS round Robin. I have been testing each server using entries in my hosts file so I know which one I am conencting to.

TS GW 1 sever takes about 10 seconds before the details button can be selected and I can see the logon process
TS GW 2 server takes about 30-40 seconds before the details button can be selected.

During some digging around I also found that the serverfarm status is not the same on both servers. Both show as OK but both think there are differnent amount of connections. I can refresh the status on both servers

TS GW 1 will report TS GW 1 conenctions 175, TS GW 2 connections 26
TS GW 2 will report TS GW 1 conenctions 30, TS GW 2 conenctions 175

Any ideas?

[chicagotech]

actually, I have had success with others speeding up TSG when they had the wrong certs installed.



Sounds like you have 2 RDGateway machines, load balanced, then a dedicated redirector box, and then session broker. All these are separate machines. then you have some number of RDS Hosts. So far so good?

Have you tried not load balancing the RDGateway and just using one? Is it still slow?

Anything in event logs on the RD Gateway machine?

Can you share images (upload them to skydrive and post links here) of your RDSH config, RDP-Tcp, General tab of each server,

Also the RD GAteway config details.

(If you can give a network diagram, that would be great).

And tell us about your cert setup.Hope this helps,

Kristin L. Griffin

[chicagotech]

Yes you are correct. As the servers are loadbalanced using DNS I can simply add an entry in my host file to force the conenciton to a particular machine. I have to do this as I get certifcate warnings if I use the IP directly.

All roles run on seperate servers

I will upload any required images etc, but it seems to be very inconistant, some times it is quick other time it isnt, I will try investigating the cert first.

Just to add one more thing into the mix, on XP machines the details button appears to be avialalbe much faster, but then if I click on details I can see the progile loading but it sits on "welcome" for another 10-15 seconds before the profile starts. I thought I had fixed this by disabling the software restrictions policy "KB969972" now it seems it is client related!!

Certificate is an SSL123 from THAWTE, private key is also installed on each server. The certifacte was imported to the computer personal container using the cert MMC