Hello,
we are running a small POC with View 4.6 and we are very happy about it.
The setup consist of very few users in different positions in the company (about 10 now) to test the behavior and a single View Connection Server; we are about to upgrade to View 5 and so, to guarantee continuity to our users and learn how to perform this kind of task for the future we wanted to add a replica server for being able to upgrade without disruption.
We did install the replica and even if it works i can't connect to the replica server with HTTPS but only HTTP and i can't understand why.
The original Connection Server does let me choose from the client and it works with both protocols and in fact i can see it's listening on both ports using netstat while the replica server only listens on port 80 only.
Windows firewall is down at the moment to facilitate troubleshooting.
The replica server VM has been deployed using the same template of Windows Server 2008 R2 Enterprise (ENG) as the original connection server.
In the view manager we are not forcing the HTTPS connection.
We are not tunnelling connections through the server at the moment and we are interested to keep working this way.
We are using PCoIP.
Here's my questions:
1. Is there any reason why the replica server doesn't allow me to connect using SSL?
2. Since we intend to load balance the two servers, is there a way to see which users are connected to which server if we are not tunnelling connections? (i've noticed that if we tunnell connections the field "Security Server" gets populated in each row of each client in the View Manager but if we don't tunnell connection it just remains blank)
Thanks for your help in advance
1. Odds are you had disabled the "use SSL" option in the admin UI before installing the replica, which is a global setting, but had not yet restarted your original connection server for the change to take effect, which was why the replica was listening on HTTP only but the first CS was still on HTTPS. If you had restarted your original server before ticking that box it would also only be listening on HTTP.
2. No, there's no way in the current version to see from the admin UI which connection server the session has been brokered through if tunneling is off and the PCoIP secure gateway component is not in use. Once the session is established there's no direct cost on the connection server in this mode.
The replica server should be the same as the standard server and therfore listening on 443 as well. Check the logs on the replica. That should tell you what's wrong.
Have you checked by running "netstat -an" on the replica?
Mark.
Yes of course i check, as written above and it listens only on port 80 TCP.
Anyway, i forced to accept connection on SSL only, restarted the view service on all view connections servers and now it does listen on both ports.
Weird.
Anyone can answer question number 2?
RSA configurations are per conncetion server, which means you can have RSA configured in the connection server which is paired with security server for external users and the other servers without RSA for internal users.
1. Odds are you had disabled the "use SSL" option in the admin UI before installing the replica, which is a global setting, but had not yet restarted your original connection server for the change to take effect, which was why the replica was listening on HTTP only but the first CS was still on HTTPS. If you had restarted your original server before ticking that box it would also only be listening on HTTP.
2. No, there's no way in the current version to see from the admin UI which connection server the session has been brokered through if tunneling is off and the PCoIP secure gateway component is not in use. Once the session is established there's no direct cost on the connection server in this mode.
