VMware Horizon Community
ixoni
Contributor
Contributor

Security Server Clarification

We have been running a small VDI implementation for about two years and are on version 5.3. We now want to add remote access so I am setting up Security Server but could use some advice and/or clarification in a couple areas.

1. All the documentation I have read talks about setting it up in a DMZ. We do not use a DMZ. We have a Sonicwall at the perimeter and use NAT to access internal resources. In this case do we really need a Security Server or could I setup a NAT pointing to the Connection Server? Or do I still need to setup the Security Server behind the Sonicwall and NAT to it? (This is how I have it setup now, but not working yet).

2. I noticed in the View Manager that PCoiP is disabled on the Security Server unless in the Connection server the "Use PCoIP secure gateway for PCoIP connections to the desktop" is checked. Does this mean that if I implement Security Server all internal connection will go through it as well?

Thanks

Tags (1)
Reply
0 Kudos
2 Replies
SanjaySP1
VMware Employee
VMware Employee

Hello,

1. All the documentation I have read talks about setting it up in a DMZ. We do not use a DMZ. We have a Sonicwall at the perimeter and use NAT to access internal resources. In this case do we really need a Security Server or could I setup a NAT pointing to the Connection Server? Or do I still need to setup the Security Server behind the Sonicwall and NAT to it? (This is how I have it setup now, but not working yet).

> VMware recommends using Security server for connections from external network.

> What is the status of Security Server in View dashboard ?

> When trying to connect from external network what are the symptoms you experience ?

2. I noticed in the View Manager that PCoiP is disabled on the Security Server unless in the Connection server the "Use PCoIP secure gateway for PCoIP connections to the desktop" is checked. Does this mean that if I implement Security Server all internal connection will go through it as well?

> Visit below URL for respective information.

Documentation Center for Horizon 6 version 6.1

Reply
0 Kudos
glennvelsol
Enthusiast
Enthusiast

We are setup the same, no dmz, and we NAT through sonicwall. Orginallyy I did not have a security server up and we NAT'ed everything, and all worked fine. Than we tried to use OSX/iMAC's to connect and they wouldn't connect, VMware support recommened a security server, after I added a security server, everything works fine now on all platforms. So...yes you can NAT it without a security server but if you can deploy a security server, I would.

Reply
0 Kudos