Hello,
I'm going through an eval of View and three issues came up while working on external access via the Security Server in our DMZ.
1. Using this article: VMware KB: Guidelines for generating and importing an SSL certificate for the View Connection Server for View 5.0.1 … I bought a certificate from an external CA (Thawte) and imported it into the keystore on the security server. I created the locked.properties file in C:\Program Files\VMware\VMware View\Server\sslgateway\conf. After restarting the Security Server, it still seems to be using its self-signed certificate. Is there some other step missing from this document? I came across one guy's blog who walks through doing this without keytool, and one of his steps says that the friendly name on the cert had to be vdm... not sure if that's specific to his environment, or a VMWare requirement.
2. I was able to log into the Horizon client externally after acknowledging that the self signed certificate wasn't trusted. However if I launch a desktop from the linked clone pool using PCoIP it won't connect. It looks like it's connecting (the screen goes black, and I get the control bar on the top of the screen, but then it closes out and I get a message saying ""The connection to the remote computer has ended". I assume this is a firewall issue, and I've looked at http://blogs.vmware.com/consulting/files/2014/06/Horizon-6-Firewall-3.png and View TCP and UDP Ports. I'm fairly certain that I got all of them. For PCoIP, is all that I need TCP/UDP 4172 open from external in to the Security Server and from the Security Server in to the desktop VMs?
3. If I change the protocol to Microsoft RDP, the connection works from external, however I get a permissions error when it starts to log in to the desktop saying that I need to be in the Remote Desktop Users group. I'm able to connect to the same Linked Clone pool from an internal machine using the same credentials though. Is there something different about how the desktop launches externally vs internally?
Thanks in advance for any help!
Dylan