From checking all the docs it would seem that the connection flow for Horizon w/ UAG would be: Client -> UAG -> Connection Server : ?Verify where to connect .. then Client -> UAG -> Desktop But th...
See more...
From checking all the docs it would seem that the connection flow for Horizon w/ UAG would be: Client -> UAG -> Connection Server : ?Verify where to connect .. then Client -> UAG -> Desktop But that means you have to have a 1 to many firewall rule, mapping inbound connections from the UAG (in DMZ) to the Desktop (in LAN). I was wondering if it makes more sense to add another 'internal' layer of UAGs, so that it would be... Client -> UAG (DMZ) -> UAG (LAN) -> Connection Server: ?Verify where to connect .. then Client -> UAG (DMZ) -> UAG (LAN) -> Desktop This would give you a 1 to 1 mapping in the DMZ rule into LAN, and the Desktop connection is now not in the rule. Would that lead to some sort of instability ? I know there's a doc talking about a two layer DMZ model, so you can handoff one UAG to another. Just all the docs refer to the first scenario, if you're doing it the 'normal' way. Anyone try this ?