I am new to VDI and this is my first Horizon Deployment.
My setup is that I have two Unified Access Gateways in the DMZ pointing to a back-end Load Balancer in my internal network and then two View Connection Servers behind my back-end Load Balancer. When I connect to a load balanced FQDN sometimes it shows me the thumbprint of my View Connection Server #1 and sometimes it will shows me the thumbprint of my View Connection Server #2. All of them have SSL certificates issued using my internal CA. So my question is which Connection Server URL Thumbprint should I use?
Thanks in advance for any help.
You'll need to put both thumbrints of your connection servers in the field "Connection server URL Thumbprint" on the UAG Horizon settings.
Seperate them by comma.
I actually did put both thumbprints of my View Connection Serves but the Horizon Destination Server is still showing down (red). I put like sha1=xxxxxxxxxxxxxx,sha1=xxxxxxxxxxxxx.
I know that the load balanced FQDN is working because if I type it on a browser it will just work no problem.
What versions of UAG and Horizon are you using?
The connection serves work fine when connecting to via the LoadBalancer?
What loadbalancer are you using?
What happens if you put one of the connection server addresses in the UAG in stead of the LB address?
UAG v3.10, Horizon 7.12
Yes, the connection servers just works fine when connecting via load balancer.
I am using Palo Alto for load balancing.
Everything works fine If I put one of the connection server addresses in the UAG instead of the LB address.
So it must be something with the load balancer then. I don't have any experience with the Palo Alto LB I'm afraid.
Did you try both connection server addresses in the UAG and they both work seperately?