VMware Horizon Community
nasterizer
Contributor
Contributor
Jump to solution

Cannot connect to desktop from External

I have 2 VDM servers running for HA and 1 security machine in my DMZ. Basically everything as per the admin doc. The first day I finished, I rushed home to test connectivity via web access. It worked perfectly. Love at first site.

Second and third day(no changes made) I can access the website and I can authenticate but when i try opening the desktop the client opens in the background for about 10 seconds and then disappears.

I tried using the client application using the global IP assigned to the security server. It connects and the user gets authenticated but when it tries to connect again a new window pops open and it tries for 10-15 seconds then an error comes back stating "Connection to the remote computer failed. its possible the remote conn are not enabled on the remote comp or that the comp or network is too busy"

But using my VPN connection I have no problem connecting.

For the external URL setting in the VDM machines, what port should be specified? Also I cant seem to access the admin page of the security server so is there one in the first place?

Reply
0 Kudos
1 Solution

Accepted Solutions
nkrick
Enthusiast
Enthusiast
Jump to solution

How are you connecting to VDM remotely? Are you using an IP address or FQDN? The "external URL" needs to match the address that you type into the browser or the client. Check the locked.properties file and the settings on your VDM servers to verify that the external URL and port settings are still all correct.

Overall, it sounds like the RDP connection to the VM is not working from external. Another place to look is your firewall. Verify that all the proper ports (as documented in the VDM 2.0 manual) are open in the firewall. Check your firewall logs to see if any traffic is being blocked. Also, make sure that your VDM server Global Settings have "Direct Connect to virtual desktop" set to "No." If you set the "Direct Connect..." to yes, you will have to allow RDP connections through your firewall directly to the VM hosts because the connection will no longer tunnel through the VDM servers.

View solution in original post

Reply
0 Kudos
10 Replies
nkrick
Enthusiast
Enthusiast
Jump to solution

For the external URL setting, use port 443. Also, did you set the "externally resolvable name" on the security server? For the VDM servers, the external name and port are set through the admin section. Security servers do not have an admin area accessible through a web browser, instead you need to edit the "locked.properties" file on the security server. Look at the top of page 41 in the VDM 2.0 user manual (http://www.vmware.com/pdf/vdm20_manual.pdf). I don't know if it is required, but I restarted the VDM service after editing the file.

Reply
0 Kudos
nasterizer
Contributor
Contributor
Jump to solution

I put 443 right now in the external URL for the connection servers and no change. I created the locked.properties file at the initial start of the project and it was working fine. Nothing has changed since the original deployment.

Reply
0 Kudos
nkrick
Enthusiast
Enthusiast
Jump to solution

How are you connecting to VDM remotely? Are you using an IP address or FQDN? The "external URL" needs to match the address that you type into the browser or the client. Check the locked.properties file and the settings on your VDM servers to verify that the external URL and port settings are still all correct.

Overall, it sounds like the RDP connection to the VM is not working from external. Another place to look is your firewall. Verify that all the proper ports (as documented in the VDM 2.0 manual) are open in the firewall. Check your firewall logs to see if any traffic is being blocked. Also, make sure that your VDM server Global Settings have "Direct Connect to virtual desktop" set to "No." If you set the "Direct Connect..." to yes, you will have to allow RDP connections through your firewall directly to the VM hosts because the connection will no longer tunnel through the VDM servers.

Reply
0 Kudos
nasterizer
Contributor
Contributor
Jump to solution

Right on the money!! It was the Direct Connect option that was set to yes. I even saw it but really didnt pay too much mind to it. I was looking for a bigger problem but as soon as I saw your reply, it popped into my head. RDP would have to be allowed directly through PIX in order for it to work.

Thanks alot!!!

Reply
0 Kudos
nkrick
Enthusiast
Enthusiast
Jump to solution

You're welcome. Since this is a new product, there will probably be some growing pains as new users try it out. I installed it about a week ago and loved it immediately. You can't beat the price either, we will be getting the free VDI Starter Kit because we happened to purchase a VI 3 Ent license after Dec 27th. For our small environment, all I have to do is add 2 VDI-bundle 10 packs (at $1800 list each) and I will have a 3 ESX servers with 30 concurrent desktop connections! Just the savings in ESX licensing (using list prices) is over $17,000. I hope VMware doesn't jack up the price when the realize how many ESX licenses they are giving away...

Reply
0 Kudos
VMSE
VMware Employee
VMware Employee
Jump to solution

Hi ,

Just to clarify the VMware licensing conditions for VDM prohibit the use of anything but Desktop Operating Systems as Virtual Machines on ESX hosts that are licensed using VDM bundled licenses. So while VMware will allow any number of ESX hosts to support the VDM2 per desktop licensing model these hosts cannot be used to host server workloads.

Reply
0 Kudos
TomHowarth
Leadership
Leadership
Jump to solution

Moved to the more appropiate VDM forum

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
Reply
0 Kudos
nkrick
Enthusiast
Enthusiast
Jump to solution

Thanks, I am aware of the licensing restrictions. It is worth noting that there is an exception on server loads for the VDM server(s). Since the alternative is to purchase full price ESX licensing that for many companies woudl only host desktop loads for VDI clients anyway, it is still a large cost savings and the ESX licensing only costs ~$1300 per 2-CPU license in the starter kit and add-on bundles (including maintenance). That is far less than the $7000+ for a "full" ESX license that would only be used for VDI desktops anyway.

Reply
0 Kudos
Teovmy
Contributor
Contributor
Jump to solution

Still got the same error. when I connect tot the broker It connects to the VDI a new window pops open for 10-15 seconds in the background and disappear.

Regards. @teovmy http://www.mikes.eu
Reply
0 Kudos
acraiger
Contributor
Contributor
Jump to solution

Just wondering what the solution was.

I'm implementing vmware view 4.5, and I am getting the exact same problem.

I can connect to the security server internally just fine.

When I attempt to connect externally from internet, I get the exact same you described.

It authenticates, I select my pool, and hit connect.

It looks like it is going to connect, it says "connecting"

Then after about 10 seconds I get the popup message "The connection to the remote computer ended."

Reply
0 Kudos