3.0.1

Table Of Contents

View Manager Administration Guide

34 VMware, Inc.

Toallowexternalclientdevicestoconnecttoasecurityserverwit hintheDMZ,the

front‐endfirewallmustallowinboundtrafficonTCPports80and443.Toallowthe

securityservertocommunicatewitheachstandardorreplicaserverthatresideswithin

theinternalnetwork,theback‐endfirewallmu

stallowinboundtrafficonTCPport

8009forAJP13‐forwardedWebtraffic,TCPport4001forJavaMessageService(JMS)

traffic,andTCPport3389forRDPtraffic.

Behindtheback‐endfirewall,internalfirewallsmustbesimilarlyconfiguredinorder

toallowtheViewManagerdesktopsandViewConnectionServ

erinstancesto

communicatewitheachother.Port3389(RDP)isusedfortrafficoriginatingfroma

standardorreplicaserverthatisdirectedataguestsystem.Port4001isusedforJMS

trafficoriginatingfromeithertheViewAgentcomponentinstalledoneachView

Managerdesktoporfromasecu

rityserverintheDMZ,andisdirectedatstandardor

replicaViewConnectionServerinstances.

Theback‐endandfront‐endfirewallrulesaresummarizedinTable 2‐1.

External URL

Bydefault,thefully‐qualifieddomainname(FQDN)ofthehostisrequiredbyView

ClientinordertoestablishaconnectionwithViewConnectionServer.Thisinformation

willnotbeavailabletoclientswhoattempttocontacttheserverfromoutsideyour

networkenvironment.

Referto“ClientConnectionsfromtheIn

ternet”onpage 71forinformationonhowto

addanexternalURLtoasecurityservertomakeitaccessiblefromtheInternet.

Table 2-1. Firewall Rules

Firewall Type TCP Port Protocol Source Destination

Front‐end 80 HTTP Any Securityserver

443 HTTPS

Back‐end 3389 RDPSecurityserver Anydesktopvirtualmachine

4001 JMSStandardorreplicaserver

8009 AJP13

4001 JMSAnydesktopVM