Showing posts from January, 2013

View Security Server Firewalls

If you’ve ever set up a View Security Server for external access, you’ve probably invested a fair amount of your time looking at firewall port requirements. I sure did. And then, after all that time, I still ended up falling back on trial and error, for at least a little bit. Rather than repeating that process (and to hopefully help others), I’m putting together a quick post with my notes. This engagement is using vShield and is securing the Security Servers with these rules, preventing both incoming and outgoing traffic (except for what is explicitly allowed).

First, there is an excellent list of general network ports required for VMware products, which can give you a good place to begin. There’s a more detailed list of View Network Port Requirements as well, which is an even better place to begin (but, if you’re working with other VMware products, the general list is a good resource to have available).

Unfortunately, as I’ve mentioned, that’s only a good place to begi

View Security Servers Behind an SSL Terminating F5 Load Balancer

We’re working on remote access for a View solution at one of my customers right now. We’ve got a pair of external user Connection Brokers, each partnered with a Security Server. We’ve also got an F5 Big-IP load balancer sitting in front of the Security Servers, giving them some protection from the big bad ‘net and, more importantly, providing load balancing services. We found that the process was a bit more circumspect than I had expected, involving instructions from several documents, so I’m consolidating our process here.

At first, we followed the instructions from the F5 View Deployment Guide, which got us really close to what we needed. It’s worth noting that the “External URL” and “PCoIP External URL” fields should be the public address of the F5, even though the document uses an internal address in its examples.

We were able to connect to the system by our public name and it presented the list of desktops to our test account. However, when we tried to connect