VMware Horizon Community
vmmaj
Enthusiast
Enthusiast

UAG HA PCoIP

Hello All,

I am attempting to get our UAG onboard HA working. I have two UAGs setup in our DMZ and have HA enabled. We have a public DNS name and 3 IPs available through the DMZ for the UAGs traffic (one for the VIP and two for the UAGs). We are using horizon 7.13.1 and latest UAG.

ISSUE:

PCoIP works with one UAG setup no problem. Blast works with one or Two UAGs with HA but PCoIP will not work with HA. 

I have a read that three DNS entries are necessary for PCoIP to work with HA but I can't fine a good document explaining the DNS setup. The UAGs do have DNS setup internally , Do the UAGs require some sort of DNS on the internet as well along with our main vdi portal?

Thanks

Reply
0 Kudos
12 Replies
SurajRoy
Enthusiast
Enthusiast

For UAG HA to work you need 3 Public IP ( Which you have) and 3 Public DNS resolving to those 3 Public IP.

 

Example:

UAG 1:

  • Public IP: 171.10.10.1
  • Public DNS resolving to above IP: UAG1.xyz.com

UAG 2:

  • Public IP: 171.10.10.2
  • Public DNS resolving to above IP: UAG2.xyz.com

VIP: 

  • Public IP: 171.10.10.100
  • Public DNS resolving to above IP: myvdi.xyz.com

 

On each UAG point the tunnel URL and IP to their own public IP and public DNS. So under UAG1 the PCoIP External URL: 71.10.10.1 and for UAG2 the PCoIP External URL should be 71.10.10.2

The end users only need to remember " myvdi.xyz.com" and when they click on the desktop to launch the launch, the client will talk to specific UAG and need have to go through VIP.

 

NOTE: UAG HA VIP cannot handle UDP traffic 4172

 

 

Reply
0 Kudos
vmmaj
Enthusiast
Enthusiast

Thank you so much for this information.

Will the public facing Cert's need to be updated to include the new public DNS names?

 

Thanks.

 

M.

 

 

Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

Yes you need a SSL cert including those name OR use a Wild card cert.

 

 

**If you like my recommendation please like ***

Suraj

https://www.surajroy.com/ 

Tags (1)
vmmaj
Enthusiast
Enthusiast

After several weeks of working with vmware off and on this issue still persists. vmware thought the latest release of the UAG would correct this but it has not.

Issues:

PCoIP - Works for all

BLAST - only works for some - With my limited testing group this has now seems to come down to a spectrum vs Verizon issue. Verizon home internet users can use the blast protocol with out issues . Spectrum hom internet users have issues with blast protocol.

Very odd - Anyone else see anything like this.? my vmware ticket is still open and new logs sent to them. 

NOTE: This issue is with vmware\UAG HA setup.. single UAG setup does not have problems with either protocol

Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

When you say end users using Spectrum having issue.

What is the issue?

Does session disconnect during session?
OR
End users are not able to connect to VDI using Blast?

Reply
0 Kudos
vmmaj
Enthusiast
Enthusiast

A spectrum user can connect to the system, view their published apps but if their client is set to use Blast protocol the app will not execute, they will get a progression bar and then it will time out. If spectrum user sets their horizon client to use PCoIP the application will launch.

I'm on Verizon, i can launch the application via Blast or PCoIP. 

 

thanks.

 

Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

for Blast external URL set on UAG, what is the port defined, 8443 or 443?

Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

As with Single UAG both the protocols are working irrespective of the network provider Verizon or Spectrum.

I want you to test one setting in UAG and let me know the status

Reply
0 Kudos
vmmaj
Enthusiast
Enthusiast

No issues with Single UAG setup.

Tags (1)
Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

Please follow the below step and let me know if it work.

  • Example:
    Client Access URL: myvdi.example.com ( Resolve to public IP 171.10.10.100 which is NAT to HA VIP)
  • UAG1 Public IP: 171.10.10.10
  • UAG2 Public IP: 171.10.10.20

Now browse to UAG  Edge settings > Horizon > More > "Host Redirect mapping"

Under UAG1 setting:

  • Source Host: myvdi.example.com 
  • Redirect Host: 171.10.10.10

Under UAG2 settings:

  • Source Host: myvdi.example.com 
  • Redirect Host: 171.10.10.20

 

 

Reply
0 Kudos
vmmaj
Enthusiast
Enthusiast

LATEST UPDATE to add to the confusion.

If I do a fresh reboot of the UAG's BLAST and PCoIP seem to work fine but after some time BLAST will stop working, I don't know how much time has to pass or what makes BLAST stop working. 

I have sent VMWare new logs with the new findings. 

 

Reply
0 Kudos
SurajRoy
Enthusiast
Enthusiast

Well I think opening ticket with VMware is the the best option.

Is it possible to share the VMware UAG log bundle prior reboot of the UAG

Reply
0 Kudos