VMware Horizon Community
txfree2
Enthusiast
Enthusiast

What port do I need to open to get access or did I build my architecture incorrectly?

I build my VDI environment 7.5 I need to know what ports I need to open so off campus student's can get access. I have port 443 & 80 open inbound. but I was talking to one of my co-workers and he said that I need to have a Connection Broker in the DMZ so off campus employees/students can have access is that correct? and if so can I just put 1 or 2 Connection brokers in the DMZ in front of the A-10 and if so what ports do I need to have open? Thanks for any help. It's working like a dream on campus just not off campus or on our wireless we have firewall rules in place on that.

4 Replies
HussamRabaya
VMware Employee
VMware Employee

you colleague is right , your design is not complete , you need to add one of the below :

1- Security server in DMZ and map it to one of you connection broker

2- UAG (unified access gateway) which is advanced appliance

you can have single instance (security or UAG) or you can have them behind A10 for high availability

for the ports requirements , please have alook on the below URL

VMware Knowledge Base

andiwe79
Enthusiast
Enthusiast

Hi,

if you have F5 LBs, they can act as PCoIP Proxy too.

Have a look here:VMware Horizon View (BIG-IP v11, 12, 13: LTM, APM, AFM)

If your LB is not capable doing this then, as HussamRabaya said, you have to deploy UAG/Security Server(s).

I'd prefer UAG.

Have a look at his sheet. I prefer the graphics over the KB Article Tables :winking_face:
Network Ports in VMware Horizon 7: VMware Horizon 7 version 7

Unfortunately i ca't find the full PDF Version. The HTML Pictures are quite bad res and hard to read.

Best regards

Andreas

HussamRabaya
VMware Employee
VMware Employee

have a look in this simple diagrams it may help

Redirect Notice

txfree2
Enthusiast
Enthusiast

Here is my design for 7.6 I have internal traffic working good. But I'm having problems with external traffic getting connected. I'm wanting to be able to use Blast, RDP and HTML. What ports do I need to have to use those protocols. these are the defaults is there anything else that I should add? thanks for your hlep.

RDP tcp 3389

BLAST tcp port 8443, 22443

HTML tcp ports 8443, 22443

pastedImage_0.png

Reply
0 Kudos