We are testing Horizon View.
We setup a View Server and Security server.
View 192.168.1.5
Security 192.168.1.6
I set virtual.domain.com to go to external ip of Security and internal ip of View. So external users will go to Security first, and internal users will connect directly to View server.
One type can only work at a time. Under view connection server setting>PCoIP Secure Gateway is required with external ip for external users to connect. Enabling this breaks the internal users to connect to their desktops.
That is correct, only one at a time.
You need an additional connection broker and there you can configure it differently.
// Linjo
Well, I wanted external users to use Security server and internal users to use Connection Broker. I set virtual.domain.com to resolve internal and external ip. I couldn't find documentation for proper setup but I think I got both scenarios working. I unchecked others, but us the https option. Both internal and external view clients work.
You're correct in that you should use Security Server for external users and Connection Server for internal users but you are better off having two Connection Servers (one with a Security Server attached and the other without). This way your internal users will have their PCoIP connections go direct to the virtual desktop. You can also set different configuration for each (e.g. using RSA SecurID or RADIUS authentication for external users etc). There's a description of all this here
https://communities.vmware.com/docs/DOC-14974
Mark
VMware KB: Configuring PCoIP Secure Gateway in VMware View
I had a user report it is not working. Please how do I get this working? I want both internal and external to use PCOIP to connect to their desktops.
External users wont work without the PCOIP gateway field filled out. But this somehow breaks PCOIP for the internal users. I may have misconfigured something.
Again, you need to install one more connection broker (a replica) to handle this.
Re-configure your connection server's PCOIP Gateway settings to use its own local IP address.
Keep your security settings the same
then have your internal users use the the connection server(s) internal FQDN.
As Linjo mentioned there should be a separate Connection Server which is dedicated to "View Security Server". And one for Local connections.
Seed the following Diagram. More details are available in "Architecture Planning guide"
http://pubs.vmware.com/view-52/topic/com.vmware.ICbase/PDF/horizon-view-52-architecture-planning.pdf
Thanks for the info. I will review the documentation more thoroughly.
Currently I have setup the new connection server 2. I have relinked the security and connectserver2. I checked pcoip external ip and provided ip. Cant connect to VDI desktop with RDP or PCOIP.
Oh that picture shows different pools, but I am assuming both conneciton servers can use same desktop pool?
edit: currently I only have external ip forwarded to security server. Do I need to get DNS for external working too? I unchecked the Blast and HTTPS secure tunnel that requires DNS.
The picture showing different pools is just an optional feature available with tagging. You may not want that. You're right that both Connection Servers can use the same pool too if you want.
You should set this up like the video here
https://communities.vmware.com/docs/DOC-14974
If you use a DNS name in any of your external URLS, the clients must be able to resolve them
Mark