VMware Horizon Community
bryant1609
Contributor
Contributor
‎10-30-2011 01:47 PM

External Connection to View 4.6

I have View 4.6 setup on a Windows 2008 R2 server.  Internally I can get to my desktops but externally I can't.  I've configured all the ports on the Firewall to the View Connection Server.  Ports 80, 443, 4172 TCP, and 4172 UDP and PCoIP was enable and configured with IP address as 72.68.153.5:4172.  But I still can't connection from outside my network.  So I then added a Security Server to see if that was the issue.  Security Server added without issue and I pointed all the same ports to the Security Server and still nothing.  The error from the client is as followed: The View Connection Server connection Failed.  The server returned an invalid or unrecogized response.  I've setup all the required URLs and used Telnet to ensure the ports are in deed open but still nothing.  I also tried just opening everything to the server and still no good.  I need help soon before we start pushing this into production and it doesn't work as shown to us.

Addresses configured:

72.68.153.5:4172, and https://kalicksec4.kalickphotography.net:443

Clients and server all release 4.6 and all servers are 2008R2.  VCenter 4.1 with View Composer on the server with it.  Testing client is on a  WIndows XP 32 bit workstation

0 Kudos
6 Replies
mittim12
Immortal
Immortal
‎10-30-2011 06:53 PM

I'd take a look at this document and see if you missed anything.

http://communities.vmware.com/docs/DOC-14974

0 Kudos
bryant1609
Contributor
Contributor
‎10-30-2011 07:47 PM

I've looked at this several times and have all my settings as per this document.  And still it doesn't work from External.  Also after adding the Security Server when I enable PCoIP on the Connection Server I can't get to any desktop internally.  My Connection server is named kalickv4, and my Security is named KalickS4.  I've tried to set the External URL to https://kalickv4.domainname.net:443 and https://kalicks4.domainname.net:443, neither of these work.  The PCoIP seeting I tried was 72.68.153.5:4172.  Again not working????  I also watched the Video from  the document you send and all my setting are correct.  I even tried putting the server in a DMZ to ensure the Firewall wasn't stopping anything, NOTHING!!!  I also tried doing this without a Security Server because the View Connection Server is on Windows 2008R2 (64 Bit).  NO GOOD.  But internally and on IPAD everything works fine as long as I don't enable PCoIP on the Connection Server.

0 Kudos
wframe
Contributor
Contributor
‎10-31-2011 11:19 AM

Not sure if this will help - I had to install a second View Connection Server (replica installation) along with a Security Server.  This lets you set up tunneling on the Connection server that is paired with the Security server, while allowing the existing Connection server to continue running as is.

bryant1609
Contributor
Contributor
‎10-31-2011 11:52 AM

Hmm, sounds like that should work but would require another server.  So with a Replica would it use the same Pool but just use the Security Server for External Access?  Or would I have to create an additional Pool just for the second Connection Server?

0 Kudos
mittim12
Immortal
Immortal
‎10-31-2011 12:06 PM

When you pair your security server with a connection broker than the connection broker must also be set to tunnel connections.   If you do not want to tunnel internal connections than you would need to add the replica server as mentioned above.   This way your external users would utilize the security/paired connection broker and then internal users can be directed to the replica.   They can still access the same pool as the replica and initial connection broker replica the ADAM database information between each other.

There must still be something amiss in the configuration though.  If everything in that document was done than there should be no problems accessing machines from the outside world.   You can also check out this pdf document as it goes into some detail on security server architecture.   http://www.vmware.com/pdf/view-46-architecture-planning.pdf

0 Kudos
bryant1609
Contributor
Contributor
‎12-24-2011 03:01 PM

Issue was the View was set to use same port 443 on the same public IP address as the Exchange server.  The View security server was reconfigured to you port 543 for SSL and the Firewall adjusted and the problem was corrected.

0 Kudos