I'm working on deploying a new View Environment using Horizon 7.11. I'm deploying UAG for the first time and What I've done so far is build the connection server and our UAG (Version 3.8). It's a single nic UAG in our DMZ. Currently I'm confused as to what my PCOIP External URL should be. Currently, I'm seeing all green except my Horizon Destination Server, which shows red. When I check the logs it's saying the connection to my connection server url is timing out. My connection server is on our internal network so it's not accessible from the outside. Does my connection server have to be in the DMZ? Or does my connection server have to have a public IP address? Our current environment uses a security server so Our security server is in the DMZ and has a public IP address to handle outside connections. I assumed that was how I would set the UAG up, so I have a public IP address for the UAG.
Any help would be appreciated.
It's just the UAG which needs to be in the DMZ. However, the UAG also needs to be able to communicate with systems in your internal network. Please take a look at Firewall Rules for DMZ-Based Unified Access Gateway Appliances to see what's required.
André
Is your Connection Server using a ".local" name in DNS? I ran into an issue with a customer who was using .local addresses.
VMware UAG not using DNS - Roderik de Block
It's just the UAG which needs to be in the DMZ. However, the UAG also needs to be able to communicate with systems in your internal network. Please take a look at Firewall Rules for DMZ-Based Unified Access Gateway Appliances to see what's required.
André
What was the resolution for the .local issue?
It turned out to be an issue with our NSX rules. Our UAG wasn't set to communicate with our connection server. It's working now.
Thanks for the feedback!