I have been asked to setup VmWare View Client in my corporate environment to allow internal staff to access desktops off site via the Internet.
We have deployed verison 5.2.1 of VMWare View Client to the desktops.
Our environment does not allow desktops direct access to the Internet, everything is proxied. A desktop cannout route to the Internet or exit via the firewalls.
I start the client and it comes up in the initial stage of wanting to access http://x.y.z which is out on the Internet.
I click connect and get a green tick to show it has conncted and in the corporate proxy logs I see the CONNECT and traffic on the wire.
I enter the username and RSA passcode. I see network traffic hit the internal corporate proxy and I progress to the next stage
Now I am prompted for the username, password and the domain to authenticate against
I enter these and again see network traffic to the internal corporate proxy and the updates at the bottom of the client show I have authenticated successfully.
Then it falls apart. The client says it is attemtping to open the session to the remote desktop and after a number of minutes fails.
At this point I see my internal desktop attempting DIRECT access to host x.y.z on the Internet, whch of course fails.
Up until this point all traffic has used the internal corporate HTTP/HTTPS proxy just fine. I can see the traffic hitting the internal proxy which is allowed Internet access. A wireshark capture on my desktop shows no attempts to reach the Internet host directly until the final stage when the client tries to open the view the the remote machne.
Question: Should the whole process be able to be proxied? ie, should I be able to run VmWare View Client and have all traffic go via the corporate HTTP/HTTPS proxy?
I can't draw a picture here but the network summary is something like:
Internet Client Desktop IP: 1.1.1.1
Internal HTTP/HTTPS Proxy: 2.2.2.2
Internet Target Server: 9.9.9.9
Stage 1: Initial connect Traffic 1.1.1.1 -> 2.2.2.2:443 -> 9.9.9.9:443 (Result Green tick)
Stage 2: RSA Authentication Traffic 1.1.1.1 -> 2.2.2.2:443 -> 9.9.9.9:443 (Result Success)
Stage 3: Domain Authentication Traffic 1.1.1.1 -> 2.2.2.2:443 -> 9.9.9.9:443 (Result Success)
Stage 4: View remote desktop Traffic 1.1.1.1 -> 9.9.9.9:443 (Result Failure as there is no route or outbound firewall access)
I don't have access to the View Manager. I am the client in this case.
Thanks for any assistance or pointers.