VMware Horizon Community
tdubb123
Expert
Expert

1 to 1 security server paired with connection server?

I got a single horizon view in the internal net that users connect to

I need to setup a security server on the dmz.

Question is can I use the existing connection server and pair it with the security server or do I need to setup a replica connection server and pair it with the security server?

Reply
0 Kudos
1 Reply
mpryor
Commander
Commander

Generally speaking you're going to want to set up another server, though this isn't a hard requirement. While you can run the security server against the existing connection server [CS], some settings are defined at the CS level - one example being turning on/off the PSG. If you use the same server for both internal and external connections you'll invariably need to enable the tunnel and PSG in order to connect externally, but that means internal connections are being unnecessarily routed through the CS instead of going directly to the desktop. Therefore most customers have alternate CSs configured which enable the secure tunnel, PSG, etc. in order for the security servers to pair with and have internal-only CSs which turn off those unneeded features.

Reply
0 Kudos