Setting up VMware View Security Server

Now that I have the base VMware View setup, I really wanted to watch videos on my iPad from Starbucks. To access the VMware View environment from outside, the VMware View security server must be setup. The security server is an outside PCoIP tunneling mechanism linked to the connection broker. If a static IP address for the security server is available, it’s an easy job. However, with a dynamic IP address, typical of a home internet service provider, it’s another matter.

The main problem is that a security server setup requires an IP address and DNS name, which means that I need to automatically update the WAN IP address changes to the security server configuration. The dynamic DNS can be used for outside DNS name resolution. After much Googling, I found the solution from Gabe’s Virtual World Blog.

  1. First, set up a dynamic DNS. I used dyndns.org. In order to update the WAN IP address changes, a dynamic DNS update client needs to be installed on one of the servers.
  2. Next, set up the security server. The security server is not joined to the domain since it sits in the DMZ. Uninstall all unnecessary programs and turn on the Microsoft Windows firewall. Install the connection broker software and choose the security server role. You will have to enter a password to pair it with the connection broker. A security server hardening guide can be found at http://communities.vmware.com/docs/DOC-14612
  3. Configure the router to forward ports 80, 443 and 4172 to the security server. Ports 80 and 443 are TCP only. Port 4172 is both UDP and TCP.
  4. Configure the connection broker. The connection broker’s external URL is the local host name (ex: https://connectionsvr:443). The PCoIP URL is an internal IP address (ex: 192.168.1.50:4172)
  5. Configure security server from the VMware View Manager window. The security server external URL is the public dynamic DNS name (ex: https://mysecuritysvr.dyndns.org:443) and the PCoIP URL is the external dynamic IP address (ex: 172.66.192.52:4172). The PCoIP URL needs to change whenever your router gets new WAN IP address.
  6. Set up the power shell script in the connection broker server. Set the task manager to run every hour or so. In order to run the Microsoft Windows Power shell script, I had to install the vSphere Power CLI (downloaded from VMware site [AP2] ), and VMware View Power CLI (located on the C:Program FilesVMwareVMware VMware ViewserverextrasPowershelladd-snapin.ps1).
  7. I modified the Powershell script to update without checking for IP address changes:

Add-PSSnapin VMware.VimAutomation.Core

Add-PSSnapin VMware.VMware View.Broker

# Name of the Security Server

$SecurityServer = slsecsvr

# For logging creating a timestamp

$TimeStamp = Get-Date -format yyyy-MM-dd-H-mm

# Filling $CheckedIP with the external IP address, using whatismyip.com service

$wc = New-Object net.WebClient

$CheckedIP =

$wc.downloadstring(http://automation.whatismyip.com/n09230945.asp)

# Now check the current ExternalPCoIPURL entry

$CurrentSettings = Get-ConnectionBroker

$CurrentIP = $CurrentSettings.externalPCoIPURL

Update-ConnectionBroker -broker_id slsecsvr -externalPCoIPURL $CheckedIP

$NewSettings = Get-ConnectionBroker

$row = $TimeStamp + , + $CheckedIP + , + $CurrentIP + ,

+ $NewSettings.externalPCoIPURL

$row | Out-File -FilePath c:scriptscheck-ip.log Append

The Big Question: How well does it work?

The View system was very easy to setup and works very well. On the internal LAN, it’s almost a PC-like experience. While you cannot play 3D games, you are able to watch video, use Microsoft Office applications, browse the web, and also use bi-directional audio tools such as Skype. The iPad experience has been excellent from both inside home and Starbucks while watching Adobe Flash videos. I say it’s definitely well spent $500. My wife agrees most of the time!

Related Blog Posts

See All Blogs

TechTarget: Hyper-Converged Infrastructure Solutions Boost Channel

Enterprises are turning to hyper-converged infrastructure solutions because of their simple deployment model and high levels of automation. Some channel partners are cashing in on the technology shift, but traditional storage products still represent an enormous market. In this article…

Cisco Live 2018: Vendor Opens Management Console to Partners

In this article for TechTarget, Force 3's VP of Client Solutions Jason Parry weighs in on the new opportunities arising from Cisco DNA Center. In Cisco's latest nod to software, the company has opened its Cisco DNA Center to developers,…

GCN: Building a Better Agency Through Software Orchestration

In federal IT, there is sometimes fear that software orchestration will render the technology professional’s role obsolete. This mindset, however, is misguided. In reality, the exact opposite is true: Orchestration has the potential to not only make federal IT workers’…

3 Use Cases for Harnessing Next-Gen HCI

These days, between budgeting shortfalls and the unending data explosion, federal IT organizations face significant pressure to do more with less. This decline affected all areas of IT including software, hardware, networks and outsourced IT services. But even as funding…

NextGov: No Better Time for Software Orchestration

As agencies look to modernize, software orchestration offers an opportunity to make sure all their software is working together. It makes sense: All of your software should work together. And, once implemented, software automation and orchestration can help IT systems…

Hyper-Converged Infrastructure (HCI): Scalability and QoS

For federal agencies, hyper-converged infrastructure (HCI) offers scalability, quality of service. Federal agencies today face extensive pressure to move faster. Nowhere is this truer than in the IT realm, where teams are expected not only drive operational efficiency and reduce…

IoT & The Intelligent Edge: Defending Outside The Firewall

The Internet of Things, though still evolving, has pushed its way into the workplace. The result? CSOs are working overtime to keep up. What’s the protocol for these connected devices, and how do they fit into the existing security infrastructure?…

GCN: The Hidden Challenges of Federal IT Modernization

In the next three years, an estimated $3 billion worth of federal IT equipment will reach end-of-life status, according to former U.S. Federal CIO Tony Scott. It’s an intimidating number, and one that indicates just how far-reaching the need is…

IoT in Federal: From Concept to Reality and Risk

The way we reconcile our security concerns with IoT’s inevitable integration will determine whether the revolution upgrades our lives or creates chaos.  Remember when the Internet of Things was more concept than reality? Those days are long gone. Demand for…

NextGov: How Can Agencies Prepare for a Software Future?

For federal agencies and their IT teams, change is inevitable. After all, it’s the nature of IT to change and grow alongside rapid innovation. Today, agencies must adapt as we shift from a hardware-centric model to an increasingly software-defined world.…

InformationWeek: Containerization Gains Traction & We’re Better for it

Cloud-based application development has taken big strides, and it's delivering benefits for enterprises such as federal agencies. Application development has forever been a thorn in the side of federal agencies. It’s tough, after all, to innovate when hampered by the…

TechTarget: Tech Launch Shakes Up Cisco Campus Network Design

Channel executives said Cisco's new campus networking approach offers software-defined networking, management and security capabilities, but will face a customer adoption test. Channel partners are absorbing a new take on Cisco campus network design in light of the vendor's revised…

GCN: Building a Better Backup

For public sector employees who work in national security, emergency response or disease control, data access can literally mean life or death. In the event of data loss, the consequences can be substantial, even when the immediate implications seem less…

GCN: Keeping Pace with SDN Means Embracing its Benefits

With the introduction of any new networking technology, two things are inevitable: First comes the hype, with organizations everywhere discussing whether to invest in it. Second is the panic -- particularly among the professionals tasked with implementing and adopting it.…

Channel: Cost, speed as hyper-converged infrastructure benefits

Channel partners active in hyper-converged infrastructure see an expanding set of use cases, although mission-critical applications may lag behind other HCI candidates. In this article from TechTarget, Force 3's next-generation networking director Jon Kim discusses recent developments in the hyper-converged infrastructure…

Cisco IoT Strategy Will Unleash Services Opportunities, Forge Ties With Technology Vendors

In this article from CRN, Force 3 CEO Mike Greaney joins other industry channel partners to weigh in on Cisco’s IoT Strategy featured at this year’s Cisco Global Partners SummitCisco Systems is putting its Internet of Things strategy into higher…

Programmability: How Federal Agencies Can Embrace Programmable Networks

In a professional climate that demands nonstop productivity, organizations everywhere depend on their technology to keep pace. More than ever, federal agencies want systems and processes that reduce complexity and waste. Even so, adopting and implementing new technology comes with…

SDX Central: Enhancing Network Security With SDN Automation

When it comes to software-defined networking (SDN) automation, certain benefits frequently get more attention than others. Take, for instance, the simultaneous provisioning of network functions and servers, which allows applications to become available in minutes instead of days or weeks.…

CRN: The benefits of pairing Cisco and VMware for software-defined networking

Until recently, many IT customers approached software-defined networking purchases as an either-or decision between Cisco and VMware. But, as software-defined networking grows in popularity, companies are increasingly deploying both Cisco and VMware solutions. Check out CRN’s article, “Partners: Enterprises are…

Force 3 Perspective: As software-defined networking gains traction, so do its visionaries

Jon Kim directs Force 3's Next Generation Networking division, which focuses in particular on software-defined networking (SDN) and other emerging technologies. Here, he weighs in on what the recent departures of SDN leaders for the venture capital world might mean…

For Customers, Software-Defined WAN Offers Automation, Savings, Efficiency

With benefits like automation, speed and increased efficiency, software-defined WAN promises to reduce the cost and complexity of wide area networks (WAN), while boosting real-time application performance. In TechTarget's feature SD-WAN technology offers channel partner opportunities, Force 3’s vice president…

Boosting Security in Software-Defined Networks

With the growing popularity of technologies such as software-defined networks (SDN), hyper-converged infrastructure and the Internet of Things, IT professionals must constantly prepare for new vulnerabilities in their efforts to bolster network security. In this recent guide from TechTarget, Software-defined…

How SDN builds next-gen security

As software-defined technology continues to gain traction in the federal space, agencies can expect to see a significant, positive impact on their own security posture. Those who embrace software-defined and other next-generation technologies will benefit from three key improvements that…

Force 3 at VMworld: What’s New and Next in Virtualized Computing

What was the overall atmosphere of VMworld? There was a lot of excitement around NSX, especially what the next big use case will be and what are further drivers of the technology. I think attendees were really looking for that…

‘No Respect’ for Critical Communication Infrastructures

"That’s the story of my life, no respect! I don't get no respect I tell ya!" - Rodney Dangerfield Much like the late Rodney Dangerfield, business phones tend to not get much respect. Considering the mission critical role that communications…

Webcast Recap: Next-Generation Data Center Security Webcast hosted by FCW.com

On May 28th Force 3, Palo Alto and VMware sponsored a webcast hosted by FCW.com. The webcast focused on Next-Generation Data Center Security and featured a presentation by Air Force CTO, Frank Konieczny, with a roundtable discussion featuring Jason Parry,…

Wireless Deployments: The Cost Question?

Wireless Deployments: The Cost Question? Radio Frequency engineers have a peculiar dilemma when it comes to standing up new deployments at facilities that are looking to implement Wi-Fi services. A frequent dilemma centers on the customer’s request for a pricing…

Agencies set building blocks of the software-defined enterprise

http://gcn.com/Articles/2014/07/22/Software-defined-data-center.aspx?Page=1

Catch up to your employee’s demands: Go beyond the desktop!

Take note, workforce. We have entered a new era: The Post-PC Era. No longer does the PC tie employees down with its chains. Studies show that sales of PCs are down 30% and it's not because we're in a bad…

VDI at home: building a 10-user environment for $500 (Part 3: creation of a desktop master virtual machine)

We've got VMware View installed, so now what? The key technology of VMware View is the use of VMware View composer with linked clone. Since users will not have the mechanism to make changes to the OS drive (or even…

How can we help your agency achieve its mission?

Maximize your IT investments. Learn more about solutions and services from Force 3.