Skip to content

Instantly share code, notes, and snippets.

@rtfmoz

rtfmoz/apm-vdi-failure.log Secret

Created October 3, 2017 03:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rtfmoz/58d82b0887146ea3a2310eb32fea1428 to your computer and use it in GitHub Desktop.
Save rtfmoz/58d82b0887146ea3a2310eb32fea1428 to your computer and use it in GitHub Desktop.
Download ZIP
Three Failed VDI access attempts
Raw
apm-vdi-failure.log
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63516 172.31.0.4 443 on tmm 0 1
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.policy HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive )
Sep 28 21:53:14 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none)
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63517 172.31.0.4 443 on tmm 0 0
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.logout.php3?errorcode=19 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive )
Sep 28 21:53:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none)
Sep 28 21:54:10 vpn2 notice tmm[24457]: 01490502:5: /Common/ap_access:Common:0fd077f3: Session deleted due to user inactivity.
Sep 28 21:54:10 vpn2 notice tmm[24457]: 01490502:5: /Common/ap_access:Common:0fd077f3: Session deleted due to user inactivity.
Sep 28 21:54:51 vpn2 notice tmm[24457]: 01490521:5: /Common/ap_access:Common:0fd077f3: Session statistics - bytes in: 0, bytes out: 0
Sep 28 21:54:51 vpn2 notice tmm[24457]: 01490521:5: /Common/ap_access:Common:0fd077f3: Session statistics - bytes in: 0, bytes out: 0
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62894 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 )
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop)
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_OPEN
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_REQUEST
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpHeaders[10]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} ConnectionClose=0
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5d.C} New 'APM Webtop' request from 180.150.104.94:62894 to 172.31.0.4:443
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} HttpRecv: Got headers
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} TMEVT_REQUEST_DONE
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} -> HttpMessageCompleted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5d.C} HttpRecv: Completed!
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.DyhW21z5ybS3Q7px9xh1Qw' = ''
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.DyhW21z5ybS3Q7px9xh1Qw' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2)
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4)
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611
Sep 28 21:55:15 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:15 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62895 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62897 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {921883D0-32FB-4DF2-8BF4-E0546C34C84B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {BD6AEE22-4900-4769-AD2B-7A8109080000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: CzMFo21ubRx0ptcT3JAc/g== Sec-WebSocket-Version: 13 Host: my.site.com )
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0
Sep 28 21:55:15 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B} on tmm 0 0.
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_OPEN
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_REQUEST
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpHeaders[14]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ConnectionClose=0
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5e.C} New 'RDG-HTTP' request from 180.150.104.94:62895 to 172.31.0.4:443
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_REQUEST_DONE
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> HttpMessageCompleted
Sep 28 21:55:15 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5e.C} RDG connection from APM Webtop
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::StartSending isRequest 1
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- HttpHeaders[0]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} ConnectionClose=0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got HttpHeaders[0]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} <- Payload[10]
Sep 28 21:55:15 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnCall: Got Payload[10]
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62898 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {921883D0-32FB-4DF2-8BF4-E0546C34C84B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {BD6AEE22-4900-4769-AD2B-7A8109080000} Host: my.site.com )
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0
Sep 28 21:55:15 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B} on tmm 0 0. Redirect.
Sep 28 21:55:16 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63876 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:17 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (POST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Content-Length: 424 Cache-Control: no-cache )
Sep 28 21:55:17 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none)
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490506:5: /Common/ap_access:Common:d041dc01: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko.
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490506:5: /Common/ap_access:Common:d041dc01: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko.
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490500:5: /Common/ap_access:Common:d041dc01: New session from client IP 98.219.150.106 (ST=Ohio/CC=US/C=NA) at VIP 172.31.0.4 Listener /Common/vs_my.site.com_443 (Reputation=Unknown)
Sep 28 21:55:17 vpn2 notice tmm1[24457]: 01490500:5: /Common/ap_access:Common:d041dc01: New session from client IP 98.219.150.106 (ST=Ohio/CC=US/C=NA) at VIP 172.31.0.4 Listener /Common/vs_my.site.com_443 (Reputation=Unknown)
Sep 28 21:55:17 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63877 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:18 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.policy HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive )
Sep 28 21:55:18 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none)
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 98.219.150.106 63878 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (GET /my.logout.php3?errorcode=19 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: X.X.X.X Cache-Control: no-cache Connection: Keep-Alive )
Sep 28 21:55:18 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (none)
Sep 28 21:55:27 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62898 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:27 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62898: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_ABORT_PEER
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_ABORT_PROXY
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} TMEVT_CLOSE
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} -> ~D
Sep 28 21:55:27 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62895 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system
Sep 28 21:55:27 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {921883D0-32FB-4DF2-8BF4-E0546C34C84B}. Deleted the session.
Sep 28 21:55:27 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5e.C} BHL_OnDispose
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 )
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop)
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpHeaders[10]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Got headers
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST_DONE
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageCompleted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Completed!
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.xj1Gf3fcJtrmTPur_2ZU_A' = ''
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.xj1Gf3fcJtrmTPur_2ZU_A' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2)
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4)
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611
Sep 28 21:55:30 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:30 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62903 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62905 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {2586E326-34BE-4F51-AB1A-7D4023B48047} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {E3075003-142F-4619-BA4B-CDA4BAF10000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: 7KcW6feast4Ss6+7KSBr/g== Sec-WebSocket-Version: 13 Host: my.site.com )
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0
Sep 28 21:55:30 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047} on tmm 0 0.
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_OPEN
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_REQUEST
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpHeaders[14]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ConnectionClose=0
Sep 28 21:55:30 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5f.C} New 'RDG-HTTP' request from 180.150.104.94:62903 to 172.31.0.4:443
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_REQUEST_DONE
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> HttpMessageCompleted
Sep 28 21:55:30 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {5f.C} RDG connection from APM Webtop
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::StartSending isRequest 1
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- HttpHeaders[0]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} ConnectionClose=0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got HttpHeaders[0]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} <- Payload[10]
Sep 28 21:55:30 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnCall: Got Payload[10]
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62906 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {2586E326-34BE-4F51-AB1A-7D4023B48047} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {E3075003-142F-4619-BA4B-CDA4BAF10000} Host: my.site.com )
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0
Sep 28 21:55:30 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047} on tmm 0 0. Redirect.
Sep 28 21:55:42 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62906 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:42 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62906: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_ABORT_PEER
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_ABORT_PROXY
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} TMEVT_CLOSE
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} -> ~D
Sep 28 21:55:42 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {5f.C} BHL_OnDispose
Sep 28 21:55:42 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62903 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system
Sep 28 21:55:42 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {2586E326-34BE-4F51-AB1A-7D4023B48047}. Deleted the session.
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Request (GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1 Host: my.site.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer: https://my.site.com/vdesk/webtop.eui?webtop=/Common/wt_my.site.com&webtop_type=webtop_full Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4 Cookie: __unam=3551c63-15e9bb33c4b-bdf5c05-3; _ga=GA1.2.2101453515.1505850769; F5_fullWT=1; F5_ST=1506598739c900c100c1506598739c604800c600c; LastMRH_Session=781c1777; MRHSession=0b1c1fee9ba6624c3a7223e5781c1777; TIN=837000 )
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:781c1777: Client-type (apm-webtop)
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpRequest[GET /f5vdi/rdp/launch/Common/PA-Traps-ESMA HTTP/1.1]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpHeaders[10] isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpHeaders[10]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Got headers
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_REQUEST_DONE
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} -> HttpMessageCompleted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} HttpRecv: Completed!
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.assigned.resources.rd' = '/Common/PA-Traps-ESMA /Common/PA-Traps-ESMB /Common/PA-Traps-W10 /Common/PA-Traps-Win7-32 /Common/PA-Traps-Win7-64'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.type' = 'rdp'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.native_client' = '1'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.server_type' = '0'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.user_defined_dst' = '0'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.host' = '%{session.custom.traps.rdp.destination}'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.custom.traps.rdp.destination' = '172.30.7.205'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.port' = '3391'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.session.781c1777.session.autocleanup.tmm.vdi.rdp.token.2rkX1ntnq8cw6MHreu5A9w' = ''
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17SetSessionDBValue result 'tmm.vdi.rdp.token.2rkX1ntnq8cw6MHreu5A9w' = '0b1c1fee9ba6624c3a7223e5781c1777|/Common/PA-Traps-ESMA|172.30.7.205:3391'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.client.platform' = 'Win10'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.snapshotid' = '2d1b222a7cb30_9ooooooooooooooooo'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.2d1b222a7cb30_9ooooooooooooooooo.config.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.config_template' = 'autoreconnection enabled:i:0'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.domain' = 'PAN.aep'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.username' = 'administrator'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_SESSION_RESULT
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} 17GetSessionDBValue result 'tmm.session.781c1777.session.connectivity_resource_remote_desktop./Common/PA-Traps-ESMA.password' = '********'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (2)
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Get Clientssl certificate
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 2; data_len: 2480
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: 0009AD0005113082050D308203F5A0030201020212037C3EBCE063F5DB3A3048CFC57D72524735300D06092A864886F70D01010B0500304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833301E170D3137303932353233333930305A170D3137313232343233333930305A3020311E301C060355040313156C6162732E726564656475636174696F6E2E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100CC6F05377EC5A1A3A7C89EFF4FAFE45EE9492427068982164B812BD57C531BA1CAC8F78B917C53CC651321B39377CC1D7AF2F6F278671D72D11511F9DE3C84B56D66B35F333BA3137EB2DB0D135DF6DA309C03A135E9FEA33FDBEABD8D62F035CE3B364DD33AE84A5A2D44294FCF9FED17FA2E11AF7D212E2BFB612B4F90D57EEED906B3CEEA7A10E140D6DF96AB34AF25B393C73F9ECC573B8A14CA6EE4A6DB28CA3BC0074141F62F0E95B71A15B6435C9658D48A251388757B3C38EE8C9771C5B1B2468967BB9BA8B0FBB43FE18D597F9FE3B5D8C727D8C1B0B024B233F234D954F00EB6A95C5CC9370096E5CBC7870F6F29AD4087A3459F4F410905039C450203010001A382021530820211300E0603551D0F0101FF0404030205A0301D0603551D250416301406082B0601050507030106082B06010505070302300C0603551D130101FF04023000301D0603551D0E04160414B9B946BD35189C979C4A4FDA709426DF7DF9FF48301F0603551D23041830168014A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1306F06082B0601050507010104633061302E06082B060105050730018622687474703A2F2F6F6373702E696E742D78332E6C657473656E63727970742E6F7267302F06082B060105050730028623687474703A2F2F636572742E696E742D78332E6C657473656E63727970742E6F72672F30200603551D110419301782156C6162732E726564656475636174696F6E2E636F6D3081FE0603551D200481F63081F33008060667810C0102013081E6060B2B0601040182DF130101013081D6302606082B06010505070201161A687474703A2F2F6370732E6C657473656E63727970742E6F72673081AB06082B0601050507020230819E0C819B54686973204365727469666963617465206D6179206F6E6C792062652072656C6965642075706F6E2062792052656C79696E67205061727469657320616E64206F6E6C7920696E206163636F7264616E636520776974682074686520436572746966696361746520506F6C69637920666F756E642061742068747470733A2F2F6C657473656E63727970742E6F72672F7265706F7369746F72792F300D06092A864886F70D01010B050003820101005AA6D0CAD9F3469EE9A2C33A1FA77F85785742FC09F3B65D7D14E9324FE38569AEE13DD6BCF2A71698B7DD57199E2B94FAE5C3C55B62A3A417473276D57386A4732BB0F3D116C399DF67A3E6F698F5CC70CD41ED93C0660FB8520BF5F41CCCCCCC2ACBB3EE421D59CCE78090A6814F2CCF46682A9CFDF4908B49AF1107E2A7AC9895E29C2EC5BFE92500A2F2A7C6450C438B92624DB919EDD277747E6ED669D171485094429A637989F12B76AF834584F861AFC93DC13B5ABB9D0FE0B4AECE2C15A8A73D22C411D14C09111CB02BDEA4AD839300827AB1C28E837452D1953364B94A676457D98B7BC8EF454F9AA7612D8312A2F3CFBC0FF41F5EF5B5B0D24D09000496308204923082037AA00302010202100A0141420000015385736A0B85ECA708300D06092A864886F70D01010B0500303F31243022060355040A131B4469676974616C205369676E617475726520547275737420436F2E311730150603550403130E44535420526F6F74204341205833301E170D3136303331373136343034365A170D3231303331373136343034365A304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F7269747920583330820122300D06092A864886F70D01010105000382010F003082010A02820101009CD30CF05AE52E47B7725D3783B3686330EAD735261925E1BDBE35F170922FB7B84B4105ABA99E350858ECB12AC468870BA3E375E4E6F3A76271BA7981601FD7919A9FF3D0786771C8690E9591CFFEE699E9603C48CC7ECA4D7712249D471B5AEBB9EC1E37001C9CAC7BA705EACE4AEBBD41E53698B9CBFD6D3C9668DF232A42900C867467C87FA59AB8526114133F65E98287CBDBFA0E56F68689F3853F9786AFB0DC1AEF6B0D95167DC42BA065B299043675806BAC4AF31B9049782FA2964F2A20252904C674C0D031CD8F31389516BAA833B843F1B11FC3307FA27931133D2D36F8E3FCF2336AB93931C5AFC48D0D1D641633AAFA8429B6D40BC0D87DC3930203010001A382017D3082017930120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020186307F06082B0601050507010104733071303206082B060105050730018626687474703A2F2F697372672E747275737469642E6F6373702E6964656E74727573742E636F6D303B06082B06010505073002862F687474703A2F2F617070732E6964656E74727573742E636F6D2F726F6F74732F647374726F6F74636178332E703763301F0603551D23041830168014C4A7B1A47B2C71FADBE14B9075FFC4156085891030540603551D20044D304B3008060667810C010201303F060B2B0601040182DF130101013030302E06082B060105050702011622687474703A2F2F6370732E726F6F742D78312E6C657473656E63727970742E6F7267303C0603551D1F043530333031A02FA02D862B687474703A2F2F63726C2E6964656E74727573742E636F6D2F445354524F4F544341583343524C2E63726C301D0603551D0E04160414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1300D06092A864886F70D01010B05000382010100DD33D711F3635838DD1815FB0955BE7656B97048A56947277BC2240892F15A1F4A1229372474511C6268B8CD957067E5F7A4BC4E2851CD9BE8AE879DEAD8BA5AA1019ADCF0DD6A1D6AD83E57239EA61E04629AFFD705CAB71F3FC00A48BC94B0B66562E0C154E5A32AAD20C4E9E6BBDCC8F6B5C332A398CC77A8E67965072BCB28FE3A165281CE520C2E5F83E8D50633FB776CCE40EA329E1F925C41C1746C5B5D0A5F33CC4D9FAC38F02F7B2C629DD9A3916F251B2F90B119463DF67E1BA67A87B9A37A6D18FA25A5918715E0F2162F58B0062F2C6826C64B98CDDA9F0CF97F90ED434A12444E6F737A28EAA4AA6E7B4C7D87DDE0C90244A787AFC3345BB442
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Sending OOB to (RD ) msg_id (4)
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Received OOB request: Sign data with clientSSL RSA key
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62894 i 172.31.0.4.443: Sending OOB reply
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} TMEVT_OOB
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} Received OOB from (RD ) msg_id: 4; data_len: 256
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} OOB data: C92AD7E3B3CF55FDB506CE14A7AC21DCA70C2ABDD6A4A93D468DDE5478EB31E82336FA9F9A39151DAA6185B4176C24D9EB57B1B2BC3F25A83D3D15A6D048D940E2558D863ADCE1D90F9A5B53C001C78EF948F6B0DFFA0544817DF81FDD7A4CE97C7EDEAFE09202C0076F56D64418232454AC1EF71B53B897A53C4ABAF21EE4007F347CD5DDA4EAC619575B10CC4A28F32917788D09AEAC83B71DFB68FAE006A655AFE3140AC3AAEC42F01115EBAF486048442DC81D90EE7926A5177A35B36276021E5627F9A1414AD2F367240AB7FEFE665C8B193A73BA2573A27DFA55316427F765E1CF299C8EA3266A6B41EF61C5B8D6FE7506FB6293976013AE86B084F611
Sep 28 21:55:46 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:46 vpn2 notice vdi[21202]: 019c0001:5: /Common/ap_access:Common:781c1777: Starting RDP 'Desktop' from resource '/Common/PA-Traps-ESMA'
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::StartSending isRequest 1
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpHeaders[5]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} ConnectionClose=0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpHeaders[5]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- Payload[4419]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got Payload[4419]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} <- HttpMessageCompleted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} BHL_OnCall: Got HttpMessageCompleted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:781c1777: {5d.C} CHL::CompleteSending isRequest 0
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62911 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62913 172.31.0.4 443 on tmm 0 0
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Upgrade Pragma: no-cache Upgrade: websocket Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {158A9F6E-860C-4658-BE9B-639992B70000} RDG-Client-Generation: Win32#10.0=5 Sec-WebSocket-Key: d3oY/pVmhUAEZ0ADMlwKmQ== Sec-WebSocket-Version: 13 Host: my.site.com )
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http OUT on tmm 0 0 ntlm_done 0
Sep 28 21:55:46 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Created RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} on tmm 0 0.
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_OPEN
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_REQUEST
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpMessageStarted isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1] isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpRequest[RDG_OUT_DATA /remoteDesktopGateway/ HTTP/1.1]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpHeaders[14] isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpHeaders[14]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ConnectionClose=0
Sep 28 21:55:46 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {60.C} New 'RDG-HTTP' request from 180.150.104.94:62911 to 172.31.0.4:443
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_REQUEST_DONE
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::PassToOutput HttpMessageCompleted isRequest 1 forward 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> HttpMessageCompleted
Sep 28 21:55:46 vpn2 info vdi[21202]: 019cffff:6: /Common/ap_access:Common:00000000: {60.C} RDG connection from APM Webtop
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpMessageStarted
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::StartSending isRequest 1
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ClientHttpLink::InitiateTransaction , isRequest 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpResponse[HTTP/1.1 200 OK]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- HttpHeaders[0]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} ConnectionClose=0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got HttpHeaders[0]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} CHL::AccomplishSendingHeaders isRequest 0
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} <- Payload[10]
Sep 28 21:55:46 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnCall: Got Payload[10]
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: New connection 180.150.104.94 62914 172.31.0.4 443 on tmm 0 1
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Request (RDG_IN_DATA /remoteDesktopGateway/ HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: */* User-Agent: MS-RDGateway/1.0 RDG-Connection-Id: {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} RDG-Auth-Scheme: PAA RDG-Correlation-Id: {158A9F6E-860C-4658-BE9B-639992B70000} Host: my.site.com )
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Client-type (rdg-http)
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Got rdg-http IN on tmm 0 1 ntlm_done 0
Sep 28 21:55:46 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: Found established RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B} on tmm 0 0. Redirect.
Sep 28 21:55:58 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62914 i 172.31.0.4.443: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:58 vpn2 debug tmm1[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [S] 172.31.0.4.443 i 180.150.104.94.62914: server-side connection was reset, reason: TCP retransmit timeout
Sep 28 21:55:58 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: RD: [C] 180.150.104.94.62911 i 172.31.0.4.443: server-side connection was reset, reason: TCP RST from remote system
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_ABORT_PEER
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_ABORT_PROXY
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} TMEVT_CLOSE
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} -> ~D
Sep 28 21:55:58 vpn2 debug tmm[24457]: 019cffff:7: /Common/ap_access:Common:00000000: No more connections associate with RDG session {CF0CD9C0-5461-4159-BD34-9F45131EEA9B}. Deleted the session.
Sep 28 21:55:58 vpn2 debug vdi[21202]: 019cffff:7: /Common/ap_access:Common:00000000: {60.C} BHL_OnDispose
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment