I deployed a Horizon View Access Point Appliance for a customer, to be used as their Security Server. Everything is working great from outside the network, but from inside the network, they cannot connect using PCOIP.
External users hit the DNS "vdi.domain.com", and internal users hit "vdi.domain.com", but the internal DNS servers point that DNS name to the internal IP of the access point.
I believe when hitting the access point (internally or externally), it tries to route users from outside and then back in. There is probably a NAT issue which is why internal users cannot connect.
But the larger question is, how do I keep internal users' traffic, internal? Customer has an EPL link between all of their sites, so it makes no sense to have their traffic go over the internet. How do I keep that internal while still allowing outside users access? I can have internal users connect straight to the connection server, but that is annoying for them to have to have two different links to choose from in the VDI client. (The Access Point and Connection Server).
What am I missing? Here is the settings for edgeservice of the access point. (I masked customer info)
{
"edgeServiceSettingsList": [
{
"identifier": "VIEW",
"enabled": true,
"proxyDestinationUrl": "https://view.domain.net",
"proxyDestinationUrlThumbprints": "sha1=5f c9 b8 f5 33 1e d5 02 9c 19 75 d9 91 59 ac 24 6d 33 3e 47",
"pcoipEnabled": true,
"pcoipExternalUrl": "66.66.66.66:4172",
"blastEnabled": true,
"blastExternalUrl": "https://vdi.domain.net:8443",
"tunnelEnabled": true,
"proxyPattern": "/"
}
]
}