-
-
Save rtfmoz/58d82b0887146ea3a2310eb32fea1428 to your computer and use it in GitHub Desktop.
Three Failed VDI access attempts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63516 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.policy HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive ) | |
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none) | |
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63517 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.logout.php3?errorcode=19 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive ) | |
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none) | |
Sep 28 21:54:10 vpn2 notice tmm[24457]: 01490502:5: /Common/ap_access:Common:0fd077f3: Session deleted due to user inactivity. | |
Sep 28 21:54:10 vpn2 notice tmm[24457]: 01490502:5: /Common/ap_access:Common:0fd077f3: Session deleted due to user inactivity. | |
Sep 28 21:54:51 vpn2 notice tmm[24457]: 01490521:5: /Common/ap_access:Common:0fd077f3: Session statistics - bytes in: 0, bytes out: 0 | |
Sep 28 21:54:51 vpn2 notice tmm[24457]: 01490521:5: /Common/ap_access:Common:0fd077f3: Session statistics - bytes in: 0, bytes out: 0 | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62894 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 ) | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop) | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_OPEN | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_REQUEST | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpHeaders[10] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5d.C} New 'APM Webtop' request from 180.150.104.94:62894 to 172.31.0.4:443 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} HttpRecv: Got headers | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpMessageCompleted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} HttpRecv: Completed! | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.DyhW21z5ybS3Q7px9xh1Qw' = '' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.DyhW21z5ybS3Q7px9xh1Qw' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2) | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4) | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611 | |
Sep 28 21:55:15 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:15 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0 | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62895 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62897 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {921883D0-32FB-4DF2-8BF4-E0546C34C84B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {BD6AEE22-4900-4769-AD2B-7A8109080000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: CzMFo21ubRx0ptcT3JAc/g== Sec-WebSocket-Version: 13 Host: my.site.com ) | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0 | |
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B} on tmm 0 0. | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_OPEN | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_REQUEST | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpHeaders[14] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ConnectionClose=0 | |
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5e.C} New 'RDG-HTTP' request from 180.150.104.94:62895 to 172.31.0.4:443 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpMessageCompleted | |
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5e.C} RDG connection from APM Webtop | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpHeaders[0] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ConnectionClose=0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpHeaders[0] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- Payload[10] | |
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got Payload[10] | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62898 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {921883D0-32FB-4DF2-8BF4-E0546C34C84B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {BD6AEE22-4900-4769-AD2B-7A8109080000} Host: my.site.com ) | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0 | |
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B} on tmm 0 0. Redirect. | |
Sep 28 21:55:16 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63876 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:17 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (POST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Content-Length: 424 Cache-Control: no-cache ) | |
Sep 28 21:55:17 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none) | |
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490506:5: /Common/ap_access:Common:d041dc01: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko. | |
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490506:5: /Common/ap_access:Common:d041dc01: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko. | |
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490500:5: /Common/ap_access:Common:d041dc01: New session from client IP 98.219.150.106 (ST=Ohio/CC=US/C=NA) at VIP 172.31.0.4 Listener /Common/vs_my.site.com_443 (Reputation=Unknown) | |
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490500:5: /Common/ap_access:Common:d041dc01: New session from client IP 98.219.150.106 (ST=Ohio/CC=US/C=NA) at VIP 172.31.0.4 Listener /Common/vs_my.site.com_443 (Reputation=Unknown) | |
Sep 28 21:55:17 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63877 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:18 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.policy HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive ) | |
Sep 28 21:55:18 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none) | |
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63878 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.logout.php3?errorcode=19 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive ) | |
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none) | |
Sep 28 21:55:27 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62898 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:27 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62898: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_ABORT_PEER | |
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_ABORT_PROXY | |
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_CLOSE | |
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> ~D | |
Sep 28 21:55:27 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62895 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system | |
Sep 28 21:55:27 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B}. Deleted the session. | |
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnDispose | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 ) | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop) | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpHeaders[10] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Got headers | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageCompleted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Completed! | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.xj1Gf3fcJtrmTPur_2ZU_A' = '' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.xj1Gf3fcJtrmTPur_2ZU_A' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2) | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4) | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611 | |
Sep 28 21:55:30 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:30 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0 | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62903 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62905 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {2586E326-34BE-4F51-AB1A-7D4023B48047} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {E3075003-142F-4619-BA4B-CDA4BAF10000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: 7KcW6feast4Ss6+7KSBr/g== Sec-WebSocket-Version: 13 Host: my.site.com ) | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0 | |
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047} on tmm 0 0. | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_OPEN | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_REQUEST | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpHeaders[14] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ConnectionClose=0 | |
Sep 28 21:55:30 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5f.C} New 'RDG-HTTP' request from 180.150.104.94:62903 to 172.31.0.4:443 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpMessageCompleted | |
Sep 28 21:55:30 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5f.C} RDG connection from APM Webtop | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpHeaders[0] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ConnectionClose=0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpHeaders[0] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- Payload[10] | |
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got Payload[10] | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62906 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {2586E326-34BE-4F51-AB1A-7D4023B48047} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {E3075003-142F-4619-BA4B-CDA4BAF10000} Host: my.site.com ) | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0 | |
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047} on tmm 0 0. Redirect. | |
Sep 28 21:55:42 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62906 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:42 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62906: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_ABORT_PEER | |
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_ABORT_PROXY | |
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_CLOSE | |
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> ~D | |
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnDispose | |
Sep 28 21:55:42 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62903 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system | |
Sep 28 21:55:42 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047}. Deleted the session. | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 ) | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop) | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpHeaders[10] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Got headers | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageCompleted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Completed! | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.2rkX1ntnq8cw6MHreu5A9w' = '' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.2rkX1ntnq8cw6MHreu5A9w' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2) | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4) | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611 | |
Sep 28 21:55:46 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:46 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA' | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0 | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62911 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62913 172.31.0.4 443 on tmm 0 0 | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {158A9F6E-860C-4658-BE9B-639992B70000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: d3oY/pVmhUAEZ0ADMlwKmQ== Sec-WebSocket-Version: 13 Host: my.site.com ) | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0 | |
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} on tmm 0 0. | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_OPEN | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_REQUEST | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpHeaders[14] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ConnectionClose=0 | |
Sep 28 21:55:46 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {60.C} New 'RDG-HTTP' request from 180.150.104.94:62911 to 172.31.0.4:443 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_REQUEST_DONE | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpMessageCompleted | |
Sep 28 21:55:46 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {60.C} RDG connection from APM Webtop | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpMessageStarted | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::StartSending isRequest 1 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ClientHttpLink::InitiateTransaction , isRequest 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpHeaders[0] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ConnectionClose=0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpHeaders[0] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::AccomplishSendingHeaders isRequest 0 | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- Payload[10] | |
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got Payload[10] | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62914 172.31.0.4 443 on tmm 0 1 | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {158A9F6E-860C-4658-BE9B-639992B70000} Host: my.site.com ) | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http) | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0 | |
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} on tmm 0 0. Redirect. | |
Sep 28 21:55:58 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62914 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:58 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62914: server-side connection was reset, reason: TCP retransmit timeout | |
Sep 28 21:55:58 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62911 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system | |
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_ABORT_PEER | |
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_ABORT_PROXY | |
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_CLOSE | |
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> ~D | |
Sep 28 21:55:58 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B}. Deleted the session. | |
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnDispose |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment