VMware Horizon Community
rpmoyer93
Contributor

Tunnel Reconnection not Permitted only on client

Hello all,

We are currently experiencing an issue with two UAGs behind a load balancer: when trying to connect from the client on a Windows machine, it says tunnel connection is not permitted. Macs have a slightly different message but the same issue. From the browser it connects with no issues. On the UAGs, all edge services are green. For reference, we are using a Cloudflare LB and it is set to enable sticky/persistent sessions. Any thoughts on where to go from here?

I'm wondering if during the 2-stage auth with the client that for some reason CF is truncating the headers or some other nonsense. I'm not 100% on how the HTML version auth is different from the client version auth.

Thanks!

EDIT: This is on Horizon 8 2006 Conn servers and Unified Access Gateway Appliance v3.10

wing523
VMware Employee

Does the tunnel communication also go through the LB WAF rules? I'm not familiar with Cloudflare LB. But if so, maybe try to bypass the WAF rules for tunnel communication to see whether the issue still exists.
