Forum Discussion

Jeff_124628's avatar
Jeff_124628
Icon for Nimbostratus rankNimbostratus
Dec 20, 2013

Redirecting session requests between View 5.2 pods with APM

I'm looking for a deep dive document into the various ways to configure session requests (webtop, View client, zero client, IOS and Android) leveraging APM (resource assign?) for internet (RSA) and intranet traffic. I've seen some documentation (deployment guides), but none in depth that go over several scenario installation configurations to this point.

 

With some help i have the APM set up and through happenstance the intranet redirection of session requests based on security group membership is working, but internet traffic is not. any insight would be helpful.

 

Thank you in advance. ~Jeff

 

2 Replies

  • Jeff, Can you add some color to the request for info. I assume from your other posts that you have seen the iApp and the accompanying Deployment Guide. Are you wanting to use RSA auth for (Internet) View clients rather than the Active Directory Username and Password option?
  • Externally I am looking for 2 factor auth. RSA > AD. Internally I am looking for just AD auth. We have 2 VMware Horizon View 5.2 regions (Boston & NY). Each region has 1 GTM and 2 LTM's (11.4) in HA config. We have a single namespace for the entire country (LAN & WAN). Users on the WAN should hit the single namespace. verify their RSA token then based on AD security Group be forwarded to the appropriate region (which presents the View pool/vm they are entitled to). If that “preferred” region is unavailable the LTM/APM should forward them to the region which is available. The LAN single namespace access will merely check security group membership and forward the user to their preferred region. We have an iApp (v1.0 rc3) in configured. External (WAN) only works for the local region the access request is made from. Redirection based on group membership is not working. However, internally (LAN), I can force the membership redirection to work on zero clients only after a second authentication request. The windows client will not redirect at all. I hope this is somewhat clearer and not more confusing. Thank you in advance once again. ~best regards ~Jeff