Hi,
Just looking for some clarification on some things. This is not how my environment is setup today, but this is how I am planning to make it
View Connection Servers:
viewconn1.mydomain.com - 192.168.200.10
viewconn2.mydomain.com (replica) - 192.168.200.20
View Security Servers:
viewsec1.mydomain.com (paired with viewconn1) - 192.168.100.10
viewsec2.mydomain.com (paired with viewconn2) - 192.168.100.20
All of these servers would have IP addresses in the 192.168.x.x range. All servers in my DMZ servers are also in this range and I use a firewall to handle any type of NAT.
I plan to load balance all of these servers For my internal users, I'd like all view clients/zero clients to connect via the address view.mydomain.com . I'd really prefer that my internal and external(internet) users connect via view.mydomain.com
When it comes to certificates, what's the best way to handle this. I'll need a 3rd party CA for my security servers, that way my users connecting with their personal computers do not get any certificate warnings. Can I just buy a SSL cert for view.mydomain.com and install it on all 4 servers?
As for the PCoIP Security Gateway, can the external IPs be the internal dmz IP such as 192.168.100.10, since I'm having my firewall NAT, or does it need to be the public address provided by my ISP?
I've gone through the documentation already but it's still not 100% clear to me.
thanks,
Mike
