VMware Workspace ONE Community
skylarkintro
Contributor
Contributor
‎05-12-2014 09:05 AM

Accessing Horzion Workspace Using Public IP

Hi everybody,

I was wondering, is it possible to simply attach another NIC to  gateway-va, assign it a public IP  and directly access Horizon Workspace using this IP?

I'm able to do the same for the View Connection Server, and I don't really want to have to setup a load balancer as I have no need for load balancing.

Is there a simpler way to allow access to Horizon Workspace through a public IP?

Thanks in advance.

0 Kudos
6 Replies
Seb1180
Enthusiast
Enthusiast
‎05-13-2014 01:19 AM

I would not do this to be honest and I don't think you can do it. IMO it is not the way to go.

I would NAT that public ip you want to use in the firewall to the internal ip of the gateway with a rule limiting only https that way you would be safe.

Of course it would be better to have a load balancer / reverse proxy but doing this way would be fine.

Hope this helps

Seb

0 Kudos
skylarkintro
Contributor
Contributor
‎05-13-2014 06:30 AM

Hi Seb,

Thank you for your reply!

I did as you said and when I enter https://<public IP>/ , I am able to access the gateway, but the URL immediately changes back to my internal FQDN. Do I need to make any more changes, such as on the gateway-va itself?

Thanks again for your help!

0 Kudos
Seb1180
Enthusiast
Enthusiast
‎05-13-2014 07:10 AM

Are you trying to reach the gateway using an ip or have you assigned a name to that public ip on your public dns zone ?

I am not sure you can access it through an ip. It must be the fqdn you have defined during the setup.

Now is your internal FQDN different from your public domain name ? If yes do you have a split DNS ?

if your internal domain is different from your public domain I would change the fqdn to be something like horizon.mycorp.com and have the horizon dns records in my public internal dns zone.

hope this is clear otherwise let me know I might be able to help you out Smiley Wink

Seb

0 Kudos
skylarkintro
Contributor
Contributor
‎05-13-2014 08:53 AM

Hi Seb,

I just signed up for a free domain name horizon.xxx.xxx for the public IP and set the internal dns for that same name to my gateway, so now I can successfully access the gateway server using the public domain name from an external network and the internal network.

However, when I go to change the FQDN in my configurator, I get the error Invalid IDP Host/Port.

Thanks!

Edit:

Thought I would provide some more details about what I've done so far:

Windows Server 2008 VM assigned Public IP and setup to forward to gateway-va VM (192.168.0.60) on port 443

Setup public domain name horizon.xxx.xxx for public IP

Created DNS record on domain controller pointing to gateway-va VM for the host name horizon.xxx.xxx

0 Kudos
Seb1180
Enthusiast
Enthusiast
‎05-15-2014 11:42 PM

Hi there,

sorry for not replying but have been sick the last two days.

The Invalid IDP host/port usually comes from the certificate. It might be something else but this is something you shoukd easily find. There are plenty of posts regarding that matter.

Hope you will work around this one Smiley Wink

Cheers

Seb

0 Kudos
skylarkintro
Contributor
Contributor
‎05-17-2014 02:36 AM

Hi Seb,

I ended up re-deploying Workspace following the steps in a previous post of yours and everything seems to be working now :smileygrin:

Thanks

0 Kudos