VMware Horizon Community
jtk78
Contributor
Contributor

Horizon and NAT

Hi,

Trying to understand what mix of VMware technology I need to use to allow lab users to access their environments with Horizon View.  Within our lab, we have 6 different groups of RHEL 7 VMs that must replicate a real world environment as closely as possible.  Therefore each "group" of VMs is contained in its own Port Group and the port group does not have accessibility to any other networks... essentially the VMs are isolated and each port group uses the same range of RFC 1918 addresses (this is required.)  To gain access to the VMs via SSH, each port group has a dedicated NAT device with two NICs, one on the internal range and one on the external side.  We use 1:1 NAT mappings for each VM in the Port Group.

SSH and other communication works fine in this scenario.  However, the task I have is to provide Horizon View access to the RHEL VM's in each "group."  The catch is that I need a single point of access, so a single Horizon Connection server for all groups of VMs... not 1 connection server for each group of VMs.  So essentiall I have NAT between the Connection server and the RHEL Agent.  The agent checks-in and communicates with the Connection server fine.

The problem is when we launch a desktop pool.  the connection fails because the Agent is asking the client to use the RFC 1918 address instead of the external address (or at least, the FQDN of the VM.)  I know in older Citrix days, there were settings to allow for "AltAddr" where the agents is instructed to send the client a different IP than its actual IP.  I also see this is possible with VMware Horizon Direct-Connection Plugin, where an alternate IP can be specified, however Direct-Connection plugin does not support Linux.

Aside from creating 6 different Connection servers and asking my users to rely on 6 different URLs for each "group", any options to keep a single Connection server (or UAG for that matter.)

Thanks!

JTK

Reply
0 Kudos
1 Reply
jrodsguitar
Enthusiast
Enthusiast

Try Secure PCOIP tunnel setting through the UAG. And for external URL setting, set to the external address.

Blog: https://powershell.house/
Reply
0 Kudos