I have a view 6 environment that has been operating for 3 years now (1 of which has been under my administration). Just last week, users could connect remotely (to security gateway), see their desktop pool and select it (static assignments/persistent disks). It begins to load the desktop, then immediately says server connection was lost. This environment has been stable for a long time and the certs have not expired. I have no idea why this happened and the logs on all servers involved don't show anything of value.
Firewall rules have not changed on edge FW or servers
No updates have been applied to any of the servers (MSFT or Vmware)
Servers are green in view admin page (Sec servers are red but that's due to self signed certs)
I know a lot of people point first to FW rules, I've triple checked the rules and the Windows FW's are disabled at the moment, yet the problem persists.
I get the same outcome if I try:
External >> Sec Gateway >> Connection Server
Internal >> Sec Gateway >> Connection Server
Internal >> Connection Server
I'm not extremely familiar with the view/horizon environment, but the KB's and discussions have not yielded any insight to my issue.
I copied this over from a different thread.
What version of the Horizon Client are your endpoints using? 4.10.0 was released earlier this month which disabled support for TLS 1.0. You need to be on Horizon 6.2.1 or newer where TLS 1.0 is also disabled for the newer clients to work.
You should start prioritizing an upgrade or migration to Horizon 7.x as Horizon View 6.x goes end of general support in just over 6 months on 2019/06/19.
There is a VMware supplied workaround available.
There is a per-device workaround that allows Horizon Client for iOS 4.10 to continue working with TLS 1.0:
TLSv10 = enable
- Create a new file named config.txt
- Add a new line to this file:
- Connect the iOS device to a computer that has iTunes installed
- Open iTunes and select File Sharing on connected device
- Select Horizon in Apps
- Click Add… button to add config.txt into Horizon App
- Relaunch Horizon App
The latest Horizon Clients have turned off support for TLS 1.0, an older encryption framework with multiple security vulnerabilities. If your company is on an older version of the server software, for instance Horizon View 5.X, it won’t support the newer encryption connections. There is a work-around for mobile clients that I have been sharing with companies when they reach out to me. Otherwise, you can stay on the Horizon Clients 4.9 until you can update your environment.
Product Line Manager