Slow login to Terminal server when F-Secure Server Security 14.00 is installed - F-Secure Community
<main> <article class="userContent"> <h3 data-version="5" data-article="000028296" data-id="issue">Issue:</h3> <p>RDP connections to terminal servers are extremely slow, logging in takes abnormally long for a user. Disabling the F-Secure security features does not help. The servers are Microsoft Farm Load Balancing Servers.<br> </p> <h3 data-id="resolution">Resolution:</h3> <p>To confirm if the issue is caused by the F-Secure Firewall profile, Disable the F-Secure firewall profile completely by following the steps on the Server: <br><br>1. You can type the following in the elevated command line to stop F-Secure Server Services:<br><br>net stop fshoster<br>net stop fsulhoster<br>net stop fsulnethoster<br>net stop fsnethoster<br>net stop fsulorsp<br><br>2. Navigate to the location at C:\Program Files (x86)\F-Secure\Server Security and <b>rename</b> this DLL file<b> fs_manageable_win_firewall_32.dll </b>to for example <b>fs_manageable_win_firewall_32_old.dll</b><br><br>3. You can start all Services back <br><br>net start fshoster<br>net start fsulhoster<br>net start fsulnethoster<br>net start fsnethoster<br>net start fsulorsp<br><br>Once the file has been renamed, test if the slow login issue can be reproduced. If renaming improves the connection, then you need to create a firewall rule to fix the issue.<br><br><b>Note: </b>If the Connection Broker says redirect to another server, the terminal server sends a message back to the RD Client with the IP address of the server that it needs to connect to. Therefore, if the client is on an external network, the client's outbound firewall rules need to open up port 3389 for all the IP addresses of the terminal servers. Likewise, the firewall on the network for which the terminal servers belong to need to allow inbound connections to the terminal servers.<br></p><p>Load Balanced Ports & Services:<br><br><b>Protocol </b> <b> Port </b> <b> Purpose/Role Service</b><br>TCP/HTTPS 443 HTTPS (RD Gateway, RD Web Access)<br>TCP/UDP/RDP 3389 RDP (UDP transport was added in RDP V8.0)<br>UDP 3391 RDP (RD Gateway)<br> </p> Create a firewall rule, where you allow RDP connection between your server and clients. The rule set consists of the protocols for load balanced Ports. <p>A custom firewall rule (service) for F-Secure Client Security or Server Security can be created either through F-Secure Policy Manager Console or locally on the workstation where Client has been installed on.</p> <p>To add a custom firewall rule through the Policy Manager Console, see <a rel="nofollow" href="https://help.f-secure.com/product.html#business/policy-manager/14.00/en/task_23A11FE045DD4189B4EA3B57AC173408-14.00-en">Adding firewall rules</a> in the Policy Manager Help Guide.</p> <p>Article no: 000028296</p> </article> </main>
