I have more info... The source ports are limited on our proxy to 10,000. The users are showing up quickly on the firewall / loadbalancer, and Checkpoint firewall is questioning the usage - thinking this is an intruder of some sort. The firewall is not creating a new connection. The source port stays open. As each user accesses, it looks like 1 IP address. Each user gets 1 port. Example: User "Joe" logins in on port 123, then signs off (the connection is staying open). The connection shows active. The next user "Bill" logs in on the same source port 123. The same source port remains open in the Connection Table. For some reason when Joe logged off, the port 123 did not close in the Connection Table. This did not happen in 7.1, however we are seeing this issue in 7.6 In a message dated 11/17/2010 12:19:39 P.M. Eastern Standard Time, [email protected] writes:
** Kathy, There are a couple of potential issues with load balancer. The first I can think of is with the "sticky bit" which sends the user to the same AR System and prevents the logging in from a different IP address issue. If you give a little more detail about the issue, those with more load balancing expertise may be able to help you. Dave ____________________________________ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Kathy Morris Sent: Wednesday, November 17, 2010 1:15 PM To: [email protected] Subject: 7.6.3 Load Balancing AR Server / Mid Tier ** Hi, We are experiencing serious connection issues with 7.6.03 AR System / ITSM and Cisco. Apparently there is an issue with Load Balancing. They are using Cisco as a load balancer. Is there any documentation for load balancing with 7.6.03? I saw documents for 7.1 however we were looking for more recent info. What types of issues could cause connection issues between the load balancer and the AR Server? I thought I heard something on the list a couple of months ago about this, however I have not located the email. _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
