VMware Horizon Community
as900w
Hot Shot
Hot Shot
‎12-02-2018 11:39 PM

How to make all ports of Horizon out from port 443

I want to only enable 443 port on firewall.

Client visit Horizon server with internet.

Can I use VMware UAG ?

Labels (1)
Labels
Reply
0 Kudos
3 Replies
markbenson
VMware Employee
VMware Employee
‎12-03-2018 01:14 PM

Yes. With Unified Access Gateway support access to Horizon from the Internet, everything can be done with just TCP 443.

Other ports are optional. i.e.:

PCoIP on TCP/UDP 4172

Blast on TCP 8443 and UDP 8443

UDP Tunnel on UDP 443

It is normal to allow TCP port 80 as well as TCP port 443. This is just so that Horizon user's don't have to enter https:// http port 80 will redirect to https 443.

Reply
0 Kudos
as900w
Hot Shot
Hot Shot
‎12-04-2018 12:21 AM

Is it configure like this PcoIP use 443?

1.PNG

But, When connection UAG, after user name and password.

show a error:

Could not establish tunnel connection

Reply
0 Kudos
BenFB
Virtuoso
Virtuoso
‎12-11-2018 02:28 PM

Your configuration looks correct. You will need to troubleshoot what is getting blocked. It's likely one of the following.

  • Are DNS queried allowed from the UAG to the DNS server to resolve the connection server URL?
  • Is TCP 443 allowed from the UAG to the connection server.
  • Is TCP 22443 allowed from the UAG to the Horizon Agent.
  • Verify the Blast/PCoIP tunnel is disabled on the connection server.
  • Verify routing is correct from the UAG to the connection server/Horizon Agent.
Reply
0 Kudos