- #THE PCOIP PROTOCOL REQUIRES VIEW SECURITY SERVER INSTALL#
- #THE PCOIP PROTOCOL REQUIRES VIEW SECURITY SERVER PASSWORD#
The next screen gives you the option to change the installation directory by clicking the Change button. Double-click the installer to start the installation.ģ.
#THE PCOIP PROTOCOL REQUIRES VIEW SECURITY SERVER PASSWORD#
Once the pairing password is set up, you can start the Security Server installation.ġ. If this happens, the password will need to be recreated using the steps above. Note: Pairing passwords can time out or be invalidated by hitting the back button during the Security Server installation after the pairing password has been entered.
#THE PCOIP PROTOCOL REQUIRES VIEW SECURITY SERVER INSTALL#
If the password is not entered in that time period, or if you encounter errors with the install that are not resolved before the timeout period expires, you will need to create a new password. When you do this, you will also be able to configure how long that password will be valid for. Click on More Commands and select “Specify Security Server Pairing Password.”Ĥ. Click on the Connection Servers tab and select the Connection Server you want to pair with.ģ. In View Administrator, go to View Configuration –> ServersĢ. To set up the pairing password, take the following steps:ġ. This must be set up before the installation starts. The Security Server installation will prompt for a Connection Server to be paired with and a pairing password during the install process. Configuring Horizon View for a Security Server Also, updates to the application signatures or the PCoIP protocol may impact users’ access to virtual desktops. Note: If you’re using application-aware firewalls like Palo Alto Networks devices, make sure that any application protocols required by Horizon View aren’t blocked between the DMZ and Internal network. The following ports will need to be opened to facilitate this: The Security Server will also need to communicate with the Horizon View desktops. For more information on the rules that need to be enabled, please see this VMware KB article. These rules depend on whether network address translation is used between the DMZ and Internal network.
If you are deploying your Security Servers in a DMZ configuration with a back-end firewall, you need to configure your firewall to allow IPSEC traffic to the Connection Servers. PCoIP – TCP 4172 In, UDP 4172 both directions.HTTPS – TCP 8443 both directions (if Blast is used).The rules that are required on the front-end, Internet-facing firewall are: If the server is deployed into a DMZ, the firewall will also need to allow traffic between the Security Server and the Connection Server. In order to enable remote access, a few ports need to be opened on any firewalls that sit between the network where the Security Server has been deployed and the Internet. This IP address does not need to be configured on the server’s network card as both Static 1:1 NAT and PAT work with Horizon View. If it is externally facing, it will need to have a publicly addressable static IP. Because the Security Server is an optional component, each Connection Server is not required to have one, and a Connection Server cannot be paired to more than one Security Server.Įach Security Server also needs a static IP address.
It’s essentially a reverse proxy for your View environment.Įach Security Server that is deployed needs a corresponding Connection Server, and they are paired during the installation process. This component of the Horizon View environment contains a subset of the Connection Server components, and it is designed to sit in a DMZ and act as a gateway for Horizon View Clients. The View Security Server is VMware’s method of addressing remote access. Now that a desktop pool has been set up and desktops are provisioned, it’s time to set up that remote access. Horizon View provides a secure method for granting users access to their desktops from anywhere with an Internet connection on any device without needing a VPN connection.