I had an issue with my View 5.3 replica server. Users were complaining that the server was taking along time to authenticate BUT once logged in, everything seemed to work normally. On my replica server, I do not have the PCoIP gateway checked, I do have the HTTP secure tunnel checked though. When I rebooted my replica server, all users connected via that replica got a message "Error reading from tunnel HTTP socket: Connection reset by peer". I was under the impression that if the PCoIP wasn't checked, it was just nailing up the connection then getting out of the way. I thought I confirmed this with wireshark in the past but this doesn't seem to be the case. Can anyone elaborate on what I am missing here?
Thanks in advance.
I think that would impact RDP connections. The below is taken from the help menu.
"This setting enables a secure tunnel on this Connection Server instance and its paired security servers.
When the setting is enabled, View Clients connect to desktops through the secure tunnel, which carries RDP and other data over HTTPS. PCoIP and HTML Access connections use separate secure gateways.
In general, check all secure gateway settings, or check none."
All of my View clients are using PCoIP so RDP wouldn't come into play here. Maybe my setup is somehow the issue. I have 3 View servers, one security, one connection, and one replica. The replica does NOT have the box for PCoIP secure gateway checked. The other 2 servers do because they are actually using it. I did this so internal connections would go to the replica using the HTTPS gateway, rather than funneling them all through the security gateway. Since my main view connection server has it checked, is that what is causing this? The replica server traffic, last time I checked, looks to nail it up and get out of the way BUT maybe something else is going on as well?
If the tunnel setting is enabled then supporting clients will always establish a tunnel connection on authentication to the CS, if this goes down and on reconnection it is told that the connection is no longer valid (which will happen after your replica comes back up) then the client will terminate. This is expected behaviour, even if you don't have an RDP session going through it. Note that ancillary connections such as USB and MMR data will go through the tunnel even if you are using PCoIP since they have their own TCP transport. If you do not want clients to be disconnected when restarting a connection sever, neither the PSG nor the tunnel can be enabled.
Edit: just a note to say the raw "connection reset by peer" message isn't great, this bad message may be a client bug as I'm fairly sure the older wswc client used to explicitly say that the authentication failed for a reconnection.