Setting up PCoIP Remote Access with View 4.6 and Newer

    Starting at version 4.6, View has the ability to support PCoIP remote access through the View Security Server. See View 4.6 Announcement.


    I posted an article back in December 2010 in the End User Computing CTO site about this forthcoming View release and described how it works. See Secure Remote Access with View and PCoIP.


    Some people report that when they setup PCoIP remote access with View 4.6 and try a PCoIP connection from the View Client, they just get a black screen for a few seconds and then an error indicating that the session has ended. On the iPad View Client this problem shows as a message saying "your desktop is loading too slowly". In the vast majority of cases, this was caused because one of the 3 setup steps shown below was not done or not done properly. If you're getting these symptoms, then check very carefully that these 3 simple steps have been done correctly.


    When View Connection Servers and Security Servers are running 4.6 or newer, you can enable this functionality by following these three steps:


    1. Enable PCoIP Gateway functionality on each Connection Server. By default, PCoIP connections are direct from the View Client to the View virtual desktop as they were in View 4.0 and 4.5. If you have some Connection Servers for remote access and some for local access then just do this for the remote access ones. That way local access PCoIP can still be direct to the View virtual desktop. Using View Administrator, go to the Configuration Servers section. Select a Connection Server, select Edit and tick the box "Use PCoIP Secure Gateway for PCoIP connections to desktop". Then for all users of this Connection Server and any Security Servers attached, PCoIP will gateway through either the attached Security Servers or this Connection Server. The server used for the PCoIP gateway (usually the Security Servers) must be running View 4.6 or newer on Windows Server 2008 R2.


    2. On every attached Security Server, set up the “External URL” and the new "PCoIP External URL". These URLs are used by the View Clients to connect to the particular View server. These names and addresses must be resolvable and usable by the clients. If remote connections are made directly to the Connection Server then the External URLs must also be setup on the Connection Server.


    3. Update the firewall to allow PCoIP to pass through. This is:


    PCoIP between View Client and Security Server


    • TCP destination port 4172 from Client to Security Server
    • UDP destination port 4172 from Client to Security Server
    • UDP source port 4172 from Security Server to Client (this is the reply UDP data)


    PCoIP between Security Server and virtual desktop


    • TCP destination port 4172 from Security Server to virtual desktop
    • UDP destination port 4172 from Security Server to virtual desktop
    • UDP source port 4172 from virtual desktop to Security Server (this is the reply UDP data)


    This is in addition to the firewall rules used in View 4.5.


    For further details, refer to the View 4.6 Architecture and Planning Guide and the View Administrator Guide here View Documentation.


    For a more detailed examination of this, take a look at this video. It goes into details on the deployment and architecture for PCoIP remote access with View 4.6 and goes through a worked example involving remote and local access, load balancing, the n+1 VIP model, the external URLs etc. and shows how it is all configured through View Administrator.



    Mark Benson - VMware - View Architect - End User Computing CTO Office