Symantec Privileged Access Management

Hello Everyone,

We're facing two problems we don't have if we connect directly to some windows servers.

First is around 30 minutes RDP freezes and we can't interact with the server viaCA PAM RDP client.

Second is if we leave a RDP session open for a few days, let's say 2 days (starting friday) when we arrive on monday the connections were lost with following errors:

Logs inside box:

Hello Ellery,

Can you please also let us know the version of CA PAM and the Windows OS to which you are connecting to is producing this Error message?

Thanks,
Reatesh.

Windows Servers 2008 R2.

Hello Ellery,

Do you also have the PAM agent installed on the Windows Server or are you performing RDP using the Administrator Account?

One more thing, can you upgrade Java on your desktop / host from where you are accessing the PAM application the latest release 8.101 ( Java™ SE Development Kit 8, Update 101) and let us know the result.

Thanks,

Reatesh.

Hello Ellery,

I did a small test with Windows 10, and I am connecting to this host using the in build Administrator account.

The RDP happens fine, and after almost 18 to 20 minutes of inactivity on the Windows 10 host, I see the following error message..

====================

Error type: RdpException.
Error message: This computer can not connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator..

Stack trace:
com.ca.xsuite.app.rdp3.client.handler.TCPStreamHandler.read(Unknown Source)
com.ca.xsuite.app.rdp3.core.layer.channel.BaseITULayer.receive(Unknown Source)
com.ca.xsuite.app.rdp3.core.layer.ITULayer.mainLoop(Unknown Source)
com.ca.xsuite.app.rdp3.client.app.RDesktop.main(Unknown Source)
com.ca.xsuite.launcher.a.n.run(Unknown Source)
java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
java.lang.Thread.run(Unknown Source)

Cause:
Error type: IOException.
Error message: Internal TLS error, this could be an attack.

Stack trace:
com.ca.xsuite.app.rdp3.core.common.libs.org.bouncycastle.crypto.tls.TlsProtocol.failWithError(Unknown Source)
com.ca.xsuite.app.rdp3.core.common.libs.org.bouncycastle.crypto.tls.TlsProtocol.safeReadRecord(Unknown Source)
com.ca.xsuite.app.rdp3.core.common.libs.org.bouncycastle.crypto.tls.TlsProtocol.readApplicationData(Unknown Source)
com.ca.xsuite.app.rdp3.core.common.libs.org.bouncycastle.crypto.tls.TlsInputStream.read(Unknown Source)
com.ca.xsuite.app.rdp3.core.impl.TLS12InputStream.readFully(Unknown Source)
com.ca.xsuite.app.rdp3.client.handler.TCPStreamHandler.read(Unknown Source)
com.ca.xsuite.app.rdp3.core.layer.channel.BaseITULayer.receive(Unknown Source)
com.ca.xsuite.app.rdp3.core.layer.ITULayer.mainLoop(Unknown Source)
com.ca.xsuite.app.rdp3.client.app.RDesktop.main(Unknown Source)
com.ca.xsuite.launcher.a.n.run(Unknown Source)
java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
java.lang.Thread.run(Unknown Source)

================

Along with the error message one more small pop-up window shows this message 

This pop-up is basically hidden under the mail error message.

I am as well using R 2.6 PAM version.

Thanks,

Reatesh.

That's bad.

I hope this is solved on 2.7.

Best,

Ellery

Hello @Ellery,

We would need to wait and check.

Thanks,

Reatesh.

The message is due to applet inactivity.

With PAM 2.6 you get the above error message.

With PAM 2.7 you get an EOFException.

It is better and not as dramatic as with 2.6.

Best regards

Claus

I was told by CA PAM support to try changinf Applet Timeout to a number that represents for example, 5 days! 7200! I'll test it.

Hi Ellery,

Did you try to reset "Applet Timeout"? You can also set it as "0" which means there will be no timeout.

Thanks!

Yong