VMware Horizon Community
stevesimoes
Contributor
Contributor

View Manager Server on two very different subnets

We have 2 subnets where my thin clients reside. 130.132.15.x and a private subnet 192.168.75.x. Our network architecture allows for ips in these ranges to be used by any thin client from any network port in our building. My View Manager server is on the 130.132.15.x network and works fine. I wanted to also have the thin clients on the 192.168.75.x network also access the View Manager server so tjhey can access our locked down terminal servers and my new View Desktops.

I have tried adding a second NIC and I have also tried adding a second ip on the existing adaptor on the View Manager server. In both cases, it does not work at all. So I added https://192.168.75.253:443 as an External URL and I am able to connect from a thin client on my private network, but if I try to connect to then connect to a VDI desktop from a thin client or pc on my 130.132.15.x network, I get the error message: "The View Connection Server authentication failed. A secure connection with the server '(null)' cannot be established". If I clear the external url field, I can then connect as expected.

Is there any solution to my problem? Can a View Manager server be multihomed with different ip addresses?

Reply
0 Kudos
7 Replies
Linjo
Leadership
Leadership

Why not use FQDN and let the clients resolve the View Manager instead?

Its generally bad practise to use ip-adresses for anything in View, setup your DNS properly instead or use hosts files if DNS is not an option.

Best regards,

Linjo

If you find this information useful, please award points for "correct" or "helpful".

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".
Reply
0 Kudos
stevesimoes
Contributor
Contributor

I just tried using a FQDN. I added an entry to the Hosts file on my thin client residing on my 192.168.75.x private network. The entry I added was "192.168.75.253 yuhs-viewmgr-private.yu.yale.edu". I also added the ip of the thin client as the DNS server address. I set the External URL field to https://yuhs-viewmgr-private.yu.yale.edu:443. I was able to connect to the VDI desktop from the thin client. However, I cannot connect to VDI desktops from the 130.132.15.x network. I get a different error message than before. It says "The View Connection Server authentication failed. The server name "https://yuhs-viewmgr-private.yu.yale.edu:443" could not be resolved".

Reply
0 Kudos
Linjo
Leadership
Leadership

Ok, thats at least a step in the right direction.

So can the thin clients resolve the name you have set? What happends if you ping the fqdn?

Best regards,

Linjo

If you find this information useful, please award points for "correct" or "helpful".

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".
Reply
0 Kudos
stevesimoes
Contributor
Contributor

Actually, the problem is equally worse. I can ping the View Manager server at 192.168.75.253 using the FQDN I put in the host file on the thin client and added to the External URL setting, but if I switch over to my desktop on my 130.132.15.x network and try to connect to a View Desktop, I get the error message I last posted. I don't think using the External Url setting is the way to go here, or I am missing a step. If I remove the External URL setting, then I can connect from my 130.132.15.x computer, but, of course, I cannot connect from the thin client on the private 192.168.75.x network.

Reply
0 Kudos
Linjo
Leadership
Leadership

Its most likely a DNS problem, verify that all thinclients, VIew Manager, vCenter and View Desktops can resolve each other properly.

Best regards,

Linjo

If you find this information useful, please award points for "correct" or "helpful".

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".
Reply
0 Kudos
stevesimoes
Contributor
Contributor

I can try adding the external url to my DNS servers so the computers on my 130.132.15.x network can resolve it. I'll report back. But I still wonder if I am using a setting that was not intended to be used this way. I am lookikng for more specifics. It looks like the external url setting gets returned to all clients trying to connect once it is set. The clients on my 130.132.15.x network that is on the same network as the View Manager Server now need to use the External URL to connect, and thus need to resolve that name? Why would they not connect on both channels (see below) to the url that is on the same network segment as the View Manager Server? Shouldn't external clients only need to connect via the External URL once configured?

Here is what I think is the -pertinent section of the VMware View 4.01 admn guide:

"Setting an External URL for View Connection Server When you use Microsoft RDP as the display protocol, View Client attempts to create

two separate TCP connections between itself and View Connection Server. The first connection handles user operations such as authentication, desktop selection, and so forth. The second connection is instantiated after logon and provides a tunnel for carrying RDP data.The first connection is made using the URL or IP address entered by the user into the client. Providing the firewall and load‐balancing components have been configured correctly in your network environment, this request reaches the server. Upon authentication, the FQDN of View Connection Server is returned to the client. The second connection (the tunnel connection, which is SSL‐encrypted by default) is attempted using the FQDN. However, the connection fails if the FQDN cannot be resolved by the external View Client."

Reply
0 Kudos
stevesimoes
Contributor
Contributor

I put the same url in the External URL field that I have have as the FQDN of the server, and I am now able to connect from both subnets.

Can someone confirm this is is a proper use of the External URL field in View Manager?

Reply
0 Kudos