TS Issues after 2.3.03 firmware update

[smyles]

Hi from Canada;

I have two SSL312s at separate locations. We have been using them here and there for about two years (bought 'em two months before the lifetime warranty kicked in; figures, eh?). Now we need to take them seriously.

I need help on a few matters. The first is relatively minor but still important; the second is serious. There are other issues that can wait until later (but not much later, hopefully).

First, I need a list of valid (or invalid) characters for usernames. I have a requirement to configure usernames with eight characters not limited to numbers and letters (none of that high-order ASCII shite, just +, -, %, &, that kinda stuff).

I was testing a few symbols and found that while a "+" is accepted at the time of creation of the user name, it shows up as a blank space in the user name on the user list page (e.g. "test+2" shows up as "test 2", as in "test<space>2.) Then, while setting up another test user, my finger slipped, so now have one that shows up as "test " (that is, "test<space>"). Seems I can't modify or even delete that user. I really don't know what's up with that.

Second, and this is the show stopper - since updating to Firmware Version 2.3.03, I can no longer connect to any RDP sessions with either ActiveX or Java. VNC works, but not RDP.

I have previously-working bookmarks configured for two different Terminal Servers (one on default port 3389 and the other by appending ":3390" to the IP address by editing the bookmark after initial configuration), as well as to any of several PCs. Connections worked like a charm for either full desktop sessions or with specific apps like Word, Excel, etc. That is, screen resolution and other minor issues aside.

Now I just get "Error: connection failed for this server" in all cases.

I have tried defining the TS by IP address, the NETBIOS name, port forwarding, static routes, and I even bought new string and soup cans.

It does not work from inside the firewall (logging on directly to the internal IP of the SSL312) or from outside through port 443 (SSL traffic forwarded to Ethernet #1 through a Juniper NetScreen NS-5GT).

I know the servers are up, as I can open TS sessions directly to the Terminal Servers and PCs from outside our LAN by opening the ports in the firewall or by connecting from inside the network. Our satellite locations have not been affected whatsoever (they're on an Juniper to Juniper IPSEC VPN), and they run TS day-in, day-out.

On the SSL312 side, I have powered on and off, re-flashed, set up new domains, groups, users, bookmarks, etc.

On the PC side, I have flushed the browser cache, logged on as a brand new user (new profile with no guck in the cache). I tried a couple of different PCs - two XP SP2; one with and one without the Loopback mod and one with SP3, and even connecting from a brand new system with Windows 7 64-bit (not too shabby!).

I can log on through the other SSL312 (still on 2.2.01) from any of those same stations, as well as into the Terminal Servers and PCs here, just not through the SSL312.

I was also hoping the new firmware would deal with some of the other issues, such as Group bookmarks not allowing alternate ports (:3390) and forcing you back to 640x480, or having to use "_" in a bookmark name instead of a space, etc., but so far, all it's done is lock me out.

I know I will likely have to revert to the old firmware and reload the configuration, but this kind of thing happened with the last two firmware updates, and it's getting frustrating.

On top of it, the limitation of a 1024x768 TS window on a 24" monitor (Full Screen just barfs) is raising eyebrows, especially on our Finance Director, who needs real estate for his accounting and spreadsheets.

Any suggestions or assistance would be appreciated. Like the rest of you, I'm overloaded dealing with stuff that works properly, so when I run into things that don't, well, to quote Marvin The Martian, it

"...makes me very angry. Very angry indeed."

Thanks in advance.

Stefan Myles, MCSE Security+