I'm getting this error on my View 5.1 Environment: The View Connection Server authentication failed. Initialization failed while connecting to server 'https://view.mydomain.local:443'
I have three View connection server with a SAN certificate for view.mydomain.local; I've also inclued each connection server name in the cert as san.
I'm using HTTPs Secure Tunell with https://view.mydomain.local:443 in the External URL
If I change the external url to the connection server name I don't get the error.
here the view client log:
May I missing something in View Connection server configuration? Or May I make a mistake installing some components?
Is this going through a load balancer? It's possible that the tunnel connection is getting routed to a different Connection Server.
If your Load balancer doesn't ensure that subsequent connections from the same View Cient go to the same server, then you should use specific Connection Server hostname references in your External URL.
e.g. if you have view.mydomain.local as a load balanced alias and view-cs1.mydomain.local, view-cs2.mydomain.local and view-cs3.mydomain.local as the hostnames of your 3 Connection Servers then set each External URL to be the appropriate hostname (e.g. view-cs1.mydomain.local) to ensure the tunnel connection gets to the same Connection Server and your load balancer doesn't misroute it.
If this is all on an internal network, then you don't need to use the tunnel and you can disable this option so that RDP, USB redirect etc. goes directly to the desktop.
The External URL and PCoIP External URL are only needed for remote access. Also refer to http://communities.vmware.com/docs/DOC-14974 if this is a remote access setup. It describes the use of External URL and PCoIP External URL.
At this time we are using round robin dns. Next steps is going through load balancer.
all the environment is in the internal network and we are using pcoip as client connection protocol.
the current configuration is this:
in this way each client use the address assigned by the dns round robin.
for each connection server I've the config in the image below (this is for CS1):
we must check "Use Secure tunnel..." because is required for USB redirection with pcoip.
it this config correct?
No. This is not correct based on your original configuration. When you saw the failure, your round robin DNS will have sent tunnel connections to a different Connection Server and will have failed. Setting the External URL to the specific Connection Server name (resolvable on the Internet) is correct for remote access situations.
If you set the External URL and PCoIP External URL to the specific external IP addresses of your Connection Server then it will route correctly. It is only the FQDN in the URL that the View Client uses that should be used for round robin DNS (not the External URLs).
If this is all internal, then you don't need to use the tunnel anyway so you can untick "Use Tunnel ..." in which case the External URL is not used.
I noticed that if I uncheck "Use Secure Tunnel..." i get the message "USB redirection is not available" and I cannot use usb with none my virtual desktop.
Is there something other to configure?
I tought to check "use Secure Tunnel connection to desktop" becaue I read this KB:
at the end in the field "Related Education" you can find this line:
In View Manager 5.1 and later releases, the USB redirection over port 32111 is tunneled over SSL connection (port 443).
I think that way If I uncheck 2use Secure..." the usb is not available
No. If you have direct connection available from the Client to the virtual desktop, you don't need to use the tunnel. The USB redirection channel on TCP port 32111 can be direct. Check that you don't have a firewall blocking 32111 anywhere in the path.
Ok. it was a firewall problem.
We are upgrading from View 4.5 and I noticed that in View 5.x client usb redirection is provided by vmware-view-usbd.exe. This executable is not present in our client version so there wasn't a firewall exception for this exe.
Thank you very much for your help