In the case of Security Server, it will use AJP13-forwarded traffic, which is IPsec protected, from the Security Server to a paired Connection Server. HTTPS Authentication data is passed-through from Access Point to the Tenant Appliance (Horizon DaaS).
This is typically via a load-balancer VIP (Virtual IP).ġb. The Horizon Client sends authentication credentials using XML-API over HTTPS to the PCoIP external URL on the Access Point appliance (or Security Server). If you refer to my Horizon 7 Network Ports diagram, you’ll see I’ve put these in a dotted line to show this. Note: In the past, Security Server used JMS, IPsec and AJP13, but Access Point doesn’t use these protocols (JMS is still used on the Connection Servers). The role of the PCoIP Gateway on the Access Point appliance is to then forward the PCoIP connection to the IP address of the Horizon Agent. When the user launches the chosen desktop pool, Access Point will communicate on HTTPS (TCP 443) to receive the desktop IP from the Connection server. This could be a VIP on the load-balancer, or an external facing IP for each of the Access Point appliances, depending on the configuration (see Method 3 of Mark’s article). When the entitled desktops are returned to the client(see 1b below) it also receives the external URL of the Access Point appliance, this is where the Horizon Client > Access Point connection is established on HTTPS (TCP 443). How does Access Point know which VM to connect to?Īccess Point doesn’t need to know which ESXi host is running the VM. There may be differences in external load-balancing, Security Server or Access Point, and external URL configuration, but for this post I’ll focus on the Horizon Client itself and the aforementioned protocols.Ī colleague asked me a very good question which I’d also like to address. The connection flow of the Horizon Client is largely the same with Horizon 7, Horizon Air or Horizon DaaS.
I’ll start with PCoIP and then we’ll look at Blast Extreme. VMware Horizon supports RDP, PCoIP and now Blast Extreme. Since I published the Horizon 7 Network Ports diagram with the latest release of Horizon 7, I’ve been frequently asked about the connection flow between the Horizon Client and the virtual desktop.