VMware Horizon Community
whynotq
Commander
Commander
‎04-10-2012 06:52 AM

Security Server in DMZ odd behaviour

I have a security server deployein the DMZ, nothing special, paired with the connection broker ok, resloves DNS ok but I can't connect through it. Can log on and get the pool selection but good old Black Screen when trying to establish connection to PCoIP session and nothing with RDP.

So to me it looks like the internal client firewall is blocking connections but they are telling me that 80/443 & 4172 are all open in both directions, so with limited access to their network anyone got any thoughts on where i can go to get the diagnostics of what is blocking this?

regards

Paul

0 Kudos
5 Replies
juchestyle
Commander
Commander
‎04-10-2012 07:25 AM

Just for troubleshooting, could they temporarily open all ports for a quick 5 minute test.  During that window if everything works you know that it is a port issue and that could help you narrow into the issue.

Kaizen!
0 Kudos
juchestyle
Commander
Commander
‎04-10-2012 07:28 AM

Have you seen this document?

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=102721...

I think you might need a few more ports than just the ones you listed.

  • TCP Ports for View Security Server

    SourceDestinationPortProtocol
    ClientSecurity Server443HTTPS
    ClientSecurity Server80HTTP
    Client 1Security Server4172PCoIP
    (TCP and UDP)
    Security Server1View Desktop Subnet4172PCoIP
    (TCP and UDP)
    Security ServerView Desktop Subnet3389RDP
    Security ServerConnection Broker8009AJP13
    Security ServerConnection Broker4001JMS

Kaizen!
0 Kudos
markbenson
VMware Employee
VMware Employee
‎04-10-2012 11:06 AM

If it works on the internal network and you get a black screen when you try through a Security Server in the DMZ, then it will almost certainly be one of the 3 setup steps not done properly. See http://communities.vmware.com/docs/DOC-14974

This is how others have fixed it.

Mark

0 Kudos
markbenson
VMware Employee
VMware Employee
‎04-10-2012 11:08 AM

The ports you mention for your internal firewall are actually the external (between Internet and DMZ) firewall. Go through the Admin guide carefully.

Mark.

0 Kudos
nonsparker
Enthusiast
Enthusiast
‎04-10-2012 05:57 PM

It sounds like you don't have the PCoIP Gateway funtion enabled on the Replica broker that you paried with your security server. In the "PCoIP External URL" box put the external IP Address for the security server.

Twitter @thickguythinapp
Website thickguythinapp.com
0 Kudos