3.0.1

Table Of Contents
View Manager Administration Guide
72 VMware, Inc.
Manyorganizationsrequirethatuserscanconnectfromanexternallocationbyusing
agloballyresolvabledomainorsubdomainnameorIPaddress,orbyreassigning
specificportsonanexistingaddress,inordertorouteclientrequeststotheappropriate
location(typically,thesecurityserver).Forexample:
https://view-example.com:443
https://view.example.com:443
https://example.com:1234
However,someadditionalconfigurationwithinViewConnectionServerisrequiredfor
addresseslikethesetowork.
Overview of Client Connections
ViewClientattemptstocreatetwoseparateTCPconnectionsbetweenitselfandView
ConnectionServer.Thefirstconnectionhandlesuseroperationssuchasauthentication,
desktopselection,andsoforth.Thesecondconnectionisinstantiatedafterlogonand
providesatunnelforcarryingRDPdata.
ThefirstconnectionismadeusingtheURLorIPaddressentere
dbytheuserintothe
client.Providingthefirewallandloadbalancingcomponentshavebeenconfigured
correctlyinyournetworkenvironment,thisrequestreachestheserver.Upon
authentication,thefullyqualifieddomainname(FQDN)ofViewConnectionServeris
returnedtotheclient.
Thesecondconnection(thetu
nnelconnection,whichisSSLencryptedbydefault)is
attemptedusingtheFQDN.However,theconnectionfailsiftheFQDNcannotbe
resolvedbytheexternalViewClient.Anexamplesequenceofexternalandinternal
clientinteractionswiththeserverisshowninFigure 51.
Figure 5-1. External Client Connection
View
Connection Server
server2.int
View
Security
Server
server1.int
VMware
Infrastructure
third-
party
load
balancer
View
Client
1 https://myview.mycorp.com
1 https://server2.int
2 https://server2.int
firewall firewall
internalexternal
VirtualCenter
ESX
Active
Directory
2
1
2 https://server1.int