Identifying/editing SN TS Agent operating settings

Version 1.0 of SN TS Agent does not have a configuration interface: SN TS Agent operating settings can be looked up in the registry base of the server on which it is installed.

To look up/edit these settings:

  1. Open an administrator session on the server on which SN TS Agent is installed.
  2. Open the server's registry base.
  3. Go to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StormshieldRdsDrv\Parameters.

 

The settings of the TS Agent's driver are as follows:

Parameter Description
ExhaustedPortAction

Action performed by the TS agent when no other ports are available for a new connection. The possible values are:

  • Pass: the connection is allowed and has been assigned a port from the range [EphemeralPortMin-EphemeralPortMax].
  • Block: the connection has been blocked.
  • Default value: Block:
PortsPerRange

Number of ports included in each port range assigned to a user:

  • Minimum: 50,
  • Maximum: 1000,
  • Default value: 200.
RangePerUser

Number of port ranges assigned to a user:

  • Minimum: 1,
  • Maximum: 20,
  • Default value: 2.
ReservedSystemPorts

Ports included in the range [TotalPortsRangeLow-TotalPortsRangeHigh] that must be reserved for the operation of the system. These ports cannot be assigned to a user.

They are strings in "aaaa-bbbb" format.

Several strings can be defined.

EXAMPLE

  • 1025-1025: to exclude port 1025,
  • 1025-1358: to exclude the port range [1025-1358].
TcpTimedWaitDelay

Time (in seconds) between the closure of a connection and when the associated port is available again:

  • Minimum: 30,
  • Maximum: 300,
  • Default value: 240.
TotalPortsRangeLow

Lower limit of the port range assigned to a user.

  • Minimum: 1024,
  • Default value: 1024.
TotalPortsRangeHigh

Higher limit of the port range assigned to a user.

  • Maximum: 49151,
  • Default value: 49151.
MaximumNumberRequests

Number of requests that can be processed simultaneously in the driver. This value must be adjusted according to the memory capacity on the server.

  • Minimum: 1,
  • Maximum: 65535,
  • Default value: 512.

NOTE
A value of 0 disables the limit on the number of simultaneous requests.
You are strongly advised against disabling this limit, as it may cause overconsumption of memory on the RDS/Citrix server.

  1. Go to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stormshield-rds-service\Parameters.

 

The settings of the TS Agent service are as follows:

Parameter Description
PSK

Pre-shared key for exchanges with the SNS firewall. This key is entered when SN TS Agent is installed.

NOTE

This registry key must be changed if the pre-shared key is changed on the SNS firewall.

EphemeralPortMin

Lower limit of the range of additional ports that can be assigned to a user when the ExhaustedPortAction setting is set to pass:

  • Minimum: 49152,
  • Maximum: 65535,
  • Default value: 49152.
EphemeralPortMax

Higher limit of the range of additional ports that can be assigned to a user when the ExhaustedPortAction setting is set to pass:

  • Minimum: 49152,
  • Maximum: 65535,
  • Default value: 65535.
LogLevel

Log verbosity for communications between the agent and the firewall.

These logs can be looked up in the event viewer of the server on which the agent is installed:

  • Minimum: 1 (errors only),
  • Maximum: 3 (errors, information and debug).
  • Default value: 2 (errors and information).
ServerPort

Communication port with the SNS firewall. This port is TCP/1303 by default and corresponds to the predefined network object agent_ts on the SNS firewall.

NOTE

This registry key must be changed if the connection port declared on the SNS firewall is different from the object agent_ts (TCP/1303).

SNS Timeout

Duration in seconds before the TS Agent considers the firewall unreachable. Once this duration expires, the TS Agent ends the communication with the firewall. It will then save all information regarding authenticated users and forwards it to the firewall when it manages to restore the connection with the TS Agent.

The possible values are:

  • Minimum: 0,
  • Maximum: 60,
  • Default value: 2.

NOTE
If any changes are made to these registry keys, the server must be restarted to apply the changes.