We have hourly employees that we would like to place on View. However, due to labor laws / regulations we can not offer offsite access. (Home) We could get sued for hours they worked at home but were not paid. So I created a case with VMware and they told me the only way to do this was to use the tagging functionality to limit pools to certain connection servers. This wasn't what I wanted to hear since it causes a lot of problems elsewhere. Wish there was a nice on/off switch somewhere controlling external access. But anyway, I created a third connection server and labeled it and my second replica as "INTERNAL". I added my third connection server to the Microsoft NLB cluster also so I would have LB and redundancy. I then created a seperate pool just for hourly employees and tagged it as INTERNAL also.
The problem I am now facing is when I login to the MSFT NLB cluster IP it sometimes uses non "INTERNAL" connection servers (my first one). When it does this then the "Internal" desktop pool doesn't show up.
How is everyone getting around this? See below diagram showing my setup.
Thanks,
Michael
You could always pull the Connection broker that is paired with the security server out of the NLB. This way only the two internal connection brokers would be used when the user is on the LAN. The external would then be dedicated to users outside of the LAN.
You could always pull the Connection broker that is paired with the security server out of the NLB. This way only the two internal connection brokers would be used when the user is on the LAN. The external would then be dedicated to users outside of the LAN.
That should work. Let me give it a try. Do you think it matters at all which servers are replicas and that the one dedicated to External would be my standard one? It seems crazy that if I wanted a redundant setup throughout that I would have to create yet another connection server for external access. (In addition to another security server)
It doesn't matter if both internal are replicas and the external is the standard one. They all replicate to each other so no problems there.
mittim12,
Thanks for the help on this...quick question. Do you assign 10GB of memory to all your connection servers? (Security Servers also) I know the recommendation is 10GB for servers handling over 50 desktops, but it just seems excessive.
Michael
When you perform the installation of the connection broker there are some settings that are adjusted based on the amount of memory the machine has. These settings can't be changed without having to reinstall the connection broker software. With that in mind I did have 10 GB assigned to my connection brokers when I performed the installation. Once installation was completed I backed down assigned memory to 4 GB for my internal connection servers as we do not utilizing the tunneling feature on them. I did leave the 10GB assigned for my security server.
