Use pcoip secure gateway for pcoip Indicates whether a secure tunnel on this connection server instance is enabled. From the server running the PCoIP Security Gateway, perform the following steps: Open registry editior. The PCoIP Secure Gateway (PSG) is a way to provide the ability to use PCoIP connections from outside the firewall. Overview NetScaler Gateway 12. Note: Best security practice Teradici highly recommends using this new feature to create a more secure environment. Dec 22, 2018 · Once installed, you can either use the Horizon View Client’s User Interface to connect to Citrix Gateway, or you can use the Citrix Gateway RfWebUI portal page to view the icons published from Horizon. 0 build-2085634: Mar 22, 2023 · On the General tab, check the box next to Use PCoIP Secure Gateway for PCoIP connections to machine. When the PCoIP Secure Gateway is enabled, Horizon Client makes a further secure connection to the Horizon Connection Server host when users connect to a remote desktop with the PCoIP display protocol. On the right, switch to the Connections tab. Click OK to close the Edit Jan 15, 2016 · Use secure Tunnel connection to machine: disabled Use PCoIP Secure Gateway for PCoIP connections to machine: disabled Use Blast Secure Gateway for HTML access to machine: disabled Attempting to access this environment with one of the Wyse Windows Embedded thin clients with an unsupported Horizon Client 3. Aug 10, 2020 · Select Server Edit Unselect Use Secure Tunnel connection to machine Unselect Use PCoIP Secure Gateway for PCoIP connections to machine Select Do not use Blast Secure Gateway Figure 1 If you select Do not use Blast Secure Gateway, you break HTML5 access to published desktops. When I unchecked the box “Use PCoIP Secure Gateway for PCoIP connections to the desktop” in the General tab of View Connection Server Settings I was able to obtain much better video performance… up to 24 frames per second with the zero client resolution set to 1280×1024. The upgrade wizard will prompt for the external PCoIP secure gateway server settings during setup, ensure you enter externally accessible information in here. Note: This article is Dec 31, 2024 · PCoIP Secure Gateway (PSG) certificates can be replaced by CA-signed certificates. I managed to get Services In Use to not show checkbox next to PCoIP Secure Gateway and Blast Secure Gateway so I am guessing that means they are not in use/enabled. About the PCoIP Connection Manager The PCoIP Connection Manager enables connections between PCoIP clients and PCoIP agents installed on remote desktops. Dec 31, 2024 · A Horizon 7 environment has many components, possibly including third-party gateways. Essentially, it allows users to view and interact with a remote desktop in real time, as smoothly as watching a video. Enable Tunnel: YES. Note, when you have the Security Server role installed all connections go via this rather than too the Connection Server. VMware Horizon PCoIP Secure Gateway Manual Provides PCoIP Secure Gateway services. Unlike other protocols, PCoIP uses UDP (User Datagram Protocol) instead of TCP (Transmission i'm going to make the assumption here that you are using UAG externally, but a few things to unpack here: PCoIP <> HTML access - those are two completely different protocols/ports. PCoIP will then gateway through either the associated Security Servers or this Connection Server for all users of this Connection Server and any Security Servers. Nov 7, 2020 · On the General tab, check the box next to Use PCoIP Secure Gateway for PCoIP connections to desktop. At Resources > Farms, edit your RDS Farms. PCoIP is analogous to Citrix HDX/ICA protocol, and Microsoft RDP protocol. Feb 23, 2025 · For PCoIP, the PCoIP Secure Gateway service must be started on the desktop for this setup. Add a String Value SSLCertPresentLegacyCertificate and set the value to 1. If not, refer to Troubleshooting. Note The UDP port number that clients use for PCoIP and VMware Blast might change. Apr 1, 2025 · It also means a Connection Server can be shared for both internal and external connections, with the gateway services—the Blast Secure Gateway, the PCoIP Secure Gateway, and the HTTPS Secure Tunnel—running on the Unified Access Gateway for most use cases. The Connection Server log provide the following information:Collecti Sep 19, 2016 · All other instances of PCoIP (TCP/UDP 4172) have been renamed to PCoIP (UDP 4172) and use a two-way arrow — there are two instances, one connecting to PCoIP Secure Gateway (View Connection Server), and the other to PCoIP Secure Gateway (View Security Server / Access Point) from Horizon Agent (RDSH / Virtual Desktop). Dec 31, 2020 · Use Secure Tunnel to Connect to machine Use PCoIP Secure Gateway for PCoIP connections to machine Under Blast Secure Gateway, select Use Blast Secure Gateway for only HTML Access connections to machine. The Connection Server log provide the following information:Collecti Nov 5, 2025 · To comply with industry or jurisdiction security regulations, you can replace the default TLS certificate that is generated by the PCoIP Secure Gateway (PSG) service with a certificate that is signed by a CA. This article provides information on configuring PCoIP security protocols and cipher suites for all Horizon 7 components. Upgrading the View Agent from 6. The first one is "Blast" protocol and the second one is "PCoIP" protocol. However, our Security team prefer to enable both option for our internal VDI infra using VMware Horizon View v5. Restart the Windows service VMware Horizon View PCoIP Secure Gateway or restart the Connect Server. Nov 5, 2025 · To use the PCoIP Secure Gateway, a client system must have access to an IP address that allows the client to reach the Horizon Connection Server host. Jun 9, 2015 · Unable to connect (0x1002) - P20 Unable to connect to VDI (View Connection Server 5. Jan 2, 2025 · Manually enabling the PCoIP Secure Gateway or BLAST Secure Gateway Services manually is not supported and will not work. In Citrix Gateway 12. Sep 27, 2025 · Version - NetScaler 12. SecureTunnel and PCoIP Secure Gateway disabled Ensure that Secure Tunnel and PCoIP Secure Gateway are disabled on the VMware Horizon View server. 3284564 6. This option may reduce the number of certificate prompts that users receive if using the HTML5 client to access their desktop. Nov 5, 2025 · When the secure tunnel or PCoIP Secure Gateway is not enabled, a session is established directly between the client system and the remote desktop virtual machine, bypassing the Horizon Connection Server. (https://internalserver:443) (192. Connection Server URL is your internal connection server hostname or IP PCOIP External URL is externalIP:4172 (not a hostname, should be the external IP of your security server/UAG) Blast External URL is r/https://external-fqdn:8443 (should resolve to the Jan 2, 2025 · Manually enabling the PCoIP Secure Gateway or BLAST Secure Gateway Services manually is not supported and will not work. Nov 5, 2025 · Desktop and application sessions that use direct connections remain connected even if Horizon Connection Server is no longer running. 2 Sep 27, 2025 · NetScaler Gateway 12. Configuring Security Protocols and Cipher Suites for Blast Secure Gateway Configure Security Protocols and Cipher Suites for Blast Secure Gateway (BSG) 41 Configuring Security Protocols and Cipher Suites for PCoIP Secure Gateway Configure Security Protocols and Cipher Suites for PCoIP Secure Gateway (PSG) 43 What's New Custom certificate support for direct connections to Remote Workstation Card PCoIP Zero Clients can be paired to PCoIP Remote Workstation Cards using custom certificates to establish a secure PCoIP peer-to-peer connection. NetScaler Gateway 12. The pioneering technology powering secured access to digital workspaces Hybrid businesses are empowering their workforce to be productive from wherever they work best through digital workspaces software. What's New Custom certificate support for direct connections to Remote Workstation Card PCoIP Zero Clients can be paired to PCoIP Remote Workstation Cards using custom certificates to establish a secure PCoIP peer-to-peer connection. Also, make sure HTTP (S) Secure Tunnel and Blast Secure Gateway are enabled. It may be necessary to reconfigure security across the environment to meet local security policy and to allow different component versions and variants to co-exist. Delivering PCoIP-based VDI Graphics/Non-Graphics with HySecure To deliver PCoIP-based VDI Graphics/Non-Graphics with HySecure, a Turbo configuration on the Gateway and the following applications, and the access control list are required: Jan 17, 2013 · To enable PCoIP Secure Gateway go to View Configuration > Servers > General and place a tick in ‘Use PCoIP Secure Gateway for PCoIP connections to desktop’. Aug 18, 2025 · Omnissa Unified Access Gateway appliances include a PCoIP Secure Gateway component. We can also let the UAG appear under gateways in the dashboard. Secure Tunnel enabled To be able to use USB redirection or client drive redirection with a remote desktop, ensure that Secure Tunnel is enabled on the VMware View Horizon server. if you have tunnel turned on for any thing other than "Use Blast Secure Gateway for only HTML Access connections Jan 2, 2025 · The Horizon administrator dashboard displays the 'PCOIP Secure Gateway' in an error status. Jun 19, 2025 · Note: The UDP port number that clients use for PCoIP and Horizon Blast might change. For the Horizon deployment, the Unified Access Gateway appliance replaces Horizon security server. 2 or higher would correct the issue: 6. Configuring the Connection Manager and Security Gateway You can configure the Connection Manager and/or the Security Gateway using the pcoip-cmsg-setup configure command. To integrate Access Policy Manager with VMware Horizon View, you must meet specific configuration requirements for VMware, as described here. The general syntax is: Sep 27, 2025 · To support PCoIP Proxy through NetScaler Gateway: 1. Sep 30, 2024 · Open these ports from any device on the Internet to the Unified Access Gateway Load Balancer VIP: TCP and UDP 443 TCP and UDP 4172. 1 and newer support the PC-over-IP (PCoIP) protocol, which is the remote display protocol for several non-Citrix VDI solutions, including VMware Horizon. Contact your IT department to ensure your What is teradici device? Teradici initially developed a protocol (PCoIP) for compressing and decompressing images and sound when remotely accessing blade servers, and implemented it in hardware. Note: This article is Enabling Blast/PCoIP Secure Gateway By default, once a Horizon client has authenticated a Horizon Connection Server, it allows a direct connection to their target desktop or server - Selection from Implementing VMware Horizon 7. Select Connection Servers tab. Click OK when done. Typically, to provide secure connections for external clients that connect to a Horizon Connection Server host over a WAN, you enable the secure tunnel, the PCoIP Secure Gateway, and the Blast Secure Gateway. 4) And most importantly, in Vmware Horizon View, double check your PCoIP Secure Gateway. 2 and later, TCP 32111 is required between Connection Servers in a replica group Cloud Pod Architecture Port Requirements: Select the Connection Server and check the Use secure tunnel connection to machine checkbox and click Use Blast Secure Gateway for only HTML Access connections to machine. The "Blast" secure gateway protocol is the VMware proprietary protocol. Jun 19, 2025 · Security-related server settings are accessible under Settings > Servers in the Horizon console. 0 and Citrix Gateway 12. Dec 31, 2024 · PCoIP Secure Gateway (PSG) certificates can be replaced by CA-signed certificates. The PSG service identifies an SSL certificate to use with the help of a server name and the certificate Friendly name. 0 supports the PC-over-IP (PCoIP) protocol, which is the remote display protocol for several non-Citrix VDI solutions, including VMware Horizon View. 0 or above. Add a String Value SSLCertPresentLegacyCertificate and set the value to 1. For more information about Unified Access Gateway virtual appliances, see Deploying and Configuring Unified Access Gateway. PCoIP uses UDP port 4172. First, to use the Horizon Client, simply enter the URL of the NetScaler Gateway vServer and login: Note The UDP port number that clients use for PCoIP and Blast might change. 6. Windows Server does not have telnet by default, but turn it on or use putty, to telnet to the F5 using 4172 and make sure it's open. To resolve this issue: Go to the Connect Server Registry Editor and open the HKLM\Software\Teradici\SecurityGateway file. You must configure firewalls with ANY where an asterisk (*) is listed in the table. 3. To grant access these virtual desktops, VMware uses two gateway protocols. To use this feature, configure the Connection Manager using the --external-sg-ip flag with the addresses of the failover security brokers. Configuring Security Protocols and Cipher Suites for Blast Secure Gateway Configure Security Protocols and Cipher Suites for Blast Secure Gateway (BSG) 41 Configuring Security Protocols and Cipher Suites for PCoIP Secure Gateway Configure Security Protocols and Cipher Suites for PCoIP Secure Gateway (PSG) 43 See Configure the Blast Secure Gateway at Omnissa Docs. Follow https://kb. If you are ready to replace your default self-signed certificates with your own signed certificates, proceed to Signed Certificates for Production. About the PCoIP Security Gateway The PCoIP When I unchecked the box “Use PCoIP Secure Gateway for PCoIP connections to the desktop” in the General tab of View Connection Server Settings I was able to obtain much better video performance… up to 24 frames per second with the zero client resolution set to 1280×1024. properties on the connection server in the C:\Program Files\VMware\VMware View\Server\sslgateway\conf create a new file „locked. Dec 31, 2024 · PCoIP also uses UDP port 50002 from Horizon Client or UDP port 55000 from the PCoIP Secure Gateway) to port 4172 of the remote desktop or application. Configure Security Protocols and Cipher Suites for PCoIP Secure Gateway (PSG) You can configure the security protocols and cipher suites that PSG's client-side listener accepts by editing the registry. Then, you will be able to connect your Horizon environment through UAG. Click OK. It uses a required third-party connection broker to authenticate users, query available desktops and applications, and then establish a PCoIP connection between the client and the selected desktop. Login to VMware Horizon Administrator Console. May 10, 2023 · This definition explains what PC over IP (PCoIP) is and how it can be used to enable remote desktop displays. Public URL Address. Dec 19, 2022 · Clients that use the PCoIP display protocol can use the PCoIP Secure Gateway. May 18, 2022 · Use Secure Tunnel connection to machine Use PCoIP Secure Gateway for PCoIP connections to machine Do not use Blast Secure Gateway Create a locked. PCoIP and Horizon Blast Extreme are secured by AES-128 encryption by default. 1 build 49 and newer, to enable USB Redirection, enable the HTTP (S) Secure Tunnel and enter the external FQDN for Citrix Gateway. Sep 2, 2021 · To access this virtual desktop we can use our web browser or we can use the horizon client program. If port 50002 is in use, the agent uses port 50003. The CM/SG Health Check examines your log files to ensure that the system is operating correctly. Dec 24, 2024 · Unable to connect to Horizon desktops using PCoIP. Was this topic helpful? Synopsis Port 4172/TCP is used by the PCoIP (PC-over-IP) display protocol from Teradici. After this look at UAG service status under Horizon Settings. My question is regarding the PCoIP Secure Gateway option on my internal connection servers. Sep 3, 2023 · PCoIP is encrypted by default and it cannot be disabled. In Horizon 7. Select a listed Connection Server and Click Edit. Any help would be high appreciate Dec 31, 2024 · PCoIP Secure Gateway (PSG) certificates can be replaced by CA-signed certificates. The steps are ordered in the most appropriate sequence to isolate the issue and identify the proper resolution. Creating, Installing, and Managing Certificates In order to establish secure TLS connections with clients, certificates must be configured for the PCoIP Connection Manager and the PCoIP Security Gateway. This document lists network port requirements for connectivity between the various products, components, and servers in an Omnissa Horizon 8 deployment. This connection allows clients to access remote desktops and applications from the internet. Sep 27, 2025 · To support PCoIP Proxy through NetScaler Gateway: 1. Edit the Horizon Connection Server that Citrix Gateway connects to. Note: The UDP port number that agents use for PCoIP might change. Anyone seen this before? Jun 19, 2025 · Security-related server settings are accessible under Settings > Servers in the Horizon Console. Both are advanced remote display protocols that make more efficient use of the network by encapsulating video display packets in UDP instead of TCP. The PCoIP Secure Gateway is disabled by default. Jan 2, 2025 · The Horizon administrator dashboard displays the 'PCOIP Secure Gateway' in an error status. Oct 13, 2016 · The remote display protocol leaders are Microsoft Remote Desktop Protcol (RDP), PC over IP (PCoIP), VMware Blast and the new Blast Extreme, as well as Citrix's HDX technologies. 2331487: … to 6. Feb 24, 2020 · We want to disable Secure Tunnel, PCoIP Secure Gateway and Blast Secure Gateway, as our UAG will handling doing this. In Unified Access Gateway, you can configure the ports used by the Blast protocol. Dec 13, 2023 · The PCoIP protocol ensures ultra-secure remote connectivity between a remote computer and a broad range of client devices including stateless PCoIP Zero Clients, PCoIP Software Clients and PCoIP Mobile Clients. 0). Under General tab, deselect Use Secure Tunnel connection to machine option under HTTP (S) Secure Tunnel. Using the PCoIP Security Gateway. Note: This article is Configuring the Connection Manager and Security Gateway You can configure the Connection Manager and/or the Security Gateway using the pcoip-cmsg-setup configure command. Important: The Security Gateway's public IP address must be set during installation When a Security Gateway is installed using the --enable-security-gateway flag, its public IP address is set using the --external-pcoip-ip flag during installation. Aug 14, 2022 · In View Administrator, click View Configuration > Servers. I understand that when the option is left unchecked, that the PCoIP session is established between the client directly to the desktop and that when it is checked, the client establishes it's connection to the desktop through the connection server. Select the Connection Server to which the Security Server is paired. May 13, 2022 · In the PCoIP Secure Gateway section, select the Use PCoIP Secure Gateway for PCoIP connections to machine check box. Multiple instances of the Connection Manager and Security Gateway can be deployed to handle mixed LAN and WAN access points or for scaling large systems. Click OK to close the Edit Aug 18, 2025 · The PCoIP Secure Gateway connection supports PCoIP, and the Blast Secure Gateway connection supports Horizon Blast Extreme. 3. 168. Image Text PCoIP Secure Gateway disabled Ensure that PCoIP Secure Gateway is disabled on the VMware Horizon View server. For port mapping, when the desktop uses the standard PCoIP port 4172, but the client must use a different destination port, mapped to port 4172 at the port mapping device, you must configure the plug-in for this setup. PCoIP and HTML Access connections use separate secure Jun 29, 2017 · General > Use Secure Tunnel connection under HTTP (s) Secure Tunnel That’s it! Connection Options Once configured will have 2 major options for connectivity – point the Horizon Client at the NetScaler Gateway URL, or use the Gateway portal itself. (PCoIP) TCP and UDP 8443 (for HTML Blast) Open these ports from the Unified Access Gateways to internal: TCP 443 to internal Connection Servers (through a load balancer) TCP and UDP 4172 (PCoIP) to all internal Horizon What's New Custom certificate support for direct connections to Remote Workstation Card PCoIP Zero Clients can be paired to PCoIP Remote Workstation Cards using custom certificates to establish a secure PCoIP peer-to-peer connection. Ensure that the Checkboxes for Use Secure Tunnel connection to machine, PCoIP Secure Gateway, and Use Blast Secure Gateway for Blast connections to machine are UNCHECKED, as having any of these checked will cause connection issues. Only . He configured the connection servers to user the secure tunnel connection and use pcoip secure gateway options but he configured these to use the internal names and IP address. Horizon Connection Servers PCoIP I am in the process of configuring a new Horizon 7 deployment and after adding the external IP:4172 for the PCoIP secure gateway, I get the warning under system health: the service has minor issue. Mar 5, 2011 · さて、本題のView Security Server の「PCoIP Secure Gateway」というコンポーネントを使うときの話をしよう。 設定は簡単で、View Administrator上で [View Configuration] [Servers]を選択し、 [Enable the PCoIP Secure Gateway]を選ぶだけ。 Sep 14, 2023 · The PCoIP Security Gateway is used with Horizon View Connection Server when connecting to a local Remote Workstation Card from a PCoIP endpoint located outside the local network. Restart the Windows service Horizon View PCoIP Secure Gateway service or restart the Connection Server. You can optionally deploy multiple Security Gateways so that if the gateway being used by a PCoIP session becomes unavailable, the session is automatically transferred to the next available gateway. 0. properties“ and add following lines: (portalHost=IP of connection Nov 18, 2024 · Resolution To resolve this issue: Go to the Connection Server Registry Editor and open the HKLM\Software\Teradici\SecurityGateway file. In all the three text boxes enter correct external URL (Secure Tunnel / Blast) or public IP (PCOip). vmware. You specify this IP address in the PCoIP external URL. You should be able to access the VMware View Connection service through the VIP address. Ensure that PCoIP Secure Gateway is disabled on the VMware Horizon View server. For more information on certificate replacement, see Configure the PCoIP Secure Gateway to Use a New TLS Certificate in the Omnissa Horizon View Installation guide. If your security server/UAG is for external use, then yes, you should set your External URLs to values that are publicly accessible. On the General tab, uncheck PCoIP Secure Gateway. An SSL VPN using TCP as the transport layer is not supported. You can optionally deploy multiple PCoIP Security Gateways so that if the gateway being used by a PCoIP session becomes unavailable, the session is automatically transferred to the next available gateway. com/s/article/2088354 for a resolution. Jan 24, 2018 · Troubleshooting Port Connectivity For Horizon’s Unified Access Gateway 3. The PCOIP Secure Gateway is not working properly. Select the Connection Server and check the Use secure tunnel connection to machine check box and click Use Blast Secure Gateway for only HTML Access connections to machine. Dec 13, 2024 · Select a Connection Server, then click Edit and check the box that says " Use PCoIP Secure Gateway for PCoIP connections to desktop ". d In the PCoIP External URL text box, make sure that the URL contains the external IP address for the security server or <strong>View</strong> Connection Server instance that <strong>View</strong> clients can access over the Internet. Identify View Connection Server General Settings Jan 3, 2016 · Disabling Use PCoIP Secure Gateway for PCoIP connects to machine fixed the issue: This solution wasn’t practical for me as it would allow internal connections but external connections through the View Security Server would not work. Universal License - PCoIP Proxy uses the Clientless Access feature of NetScaler Gateway, which means every NetScaler Gateway connection must be licensed for NetScaler Gateway Universal. Select the Use PCoIP Secure Gateway for PCoIP connections to desktop option. The connections to the View desktops use port 4172 through the server that is running the PCoIP Secure Gateway. If port 50002 is in use, the client selects port 50003, and if port 50003 is in use, the client selects port 50004, and so on. Navigate to I nventory –> View Configuration –> Servers. 5. Advanced authentication disabled Ensure that RSA authentication and other advanced authentication types are Jun 9, 2015 · Unable to connect (0x1002) - P20 Unable to connect to VDI (View Connection Server 5. HTML access runs through the browser only and uses 443, 8443 and 22443 depending on where you are/etc. 7 - Third Edition [Book] May 5, 2025 · You can deploy Unified Access Gateway with Horizon Cloud with On-Premises Infrastructure and Horizon Air cloud infrastructure. 1. TCP and UDP Ports That Horizon Client Uses Jul 30, 2025 · Security-related server settings are accessible under Settings > Servers in the Horizon Console. 1) from P20 (Firmware Ver. This service must be running if clients connect to Connection Server through the PCoIP Secure Gateway. 2 Using Curl And Tcpdump Setting up UAG in a DMZ requires at least a minimum degree of coordination and collaboration between VDI admins and firewall guys. Tunnel External URL: UAG external URL which clients use for tunnel connections View Secure Gateway (USB, RDP, MMR). May 5, 2025 · You can deploy Unified Access Gateway with Horizon Cloud with On-Premises Infrastructure and Horizon Air cloud infrastructure. PCoIP Secure GatewayはSecurity Serverに持たせることもできますが、今回はシングルサーバ内でSecure Gatewayを設定する方向で検証します。 通常のトンネル接続とSecure Gatewayの設定は以下の通り。 通常はトンネル接続が有効、PCoIP Secure Gatewayが無効ということみたいです。 Both the PCoIP Connection Manager and PCoIP Security Gateway support wildcard certificates which can be used on multiple PCoIP Connection Manager and PCoIP Security Gateway servers. UDP 4172 must be opened in both directions. The PCoIP protocol is Hello, We have a small horizon 7 environment. It covers both the PCoIP Connection Manager and the Security Gateway Linux applications. 2. Also, make sure Secure Tunnel and Blast Secure Gateway are enabled. This type of connection is called a direct connection. I am looking for more information on how to disable Blast, PCoIP, HTML access completely. Disable the secure gateways (Blast Secure Gateway and PCoIP Secure Gateway) on Horizon Connection Server instances and enable these gateways on the Unified Access Gateway appliances. Dec 1, 2014 · In the PCoIP Secure Gateway section, clear the Use PCoIP Secure Gateway for PCoIP connections to desktop check box: Click OK to save your changes. Aug 18, 2025 · For more information, see Client Connections Using the PCoIP and Blast Secure Gateways. PCoIP HySecure Gateway Configuration This section covers the PCoIP configurations done in the HySecure Gateway. In the Blast External URL field, enter the FQDN of the load balancer or UAG (https://:8443). To get PCoIP traffic from untrusted networks to PCoIP Hosts the following options can be used: Over a VPN that is UDP compatible. To view the active PCoIP connections, in NetScaler, go to Citrix Gateway > Policies > PCoIP. Feb 10, 2025 · Security-related server settings are accessible under Settings > Servers in the Horizon console. 4. When the PCoIP Secure Gateway is enabled, after authentication, clients that use PCoIP can make another secure connection to an Unified Access Gateway appliance. This makes PCoIP itself secure on untrusted networks. 1:4172). First, to use the Horizon Client, simply enter the URL of the NetScaler Gateway vServer and login: Jun 29, 2017 · General > Use Secure Tunnel connection under HTTP (s) Secure Tunnel That’s it! Connection Options Once configured will have 2 major options for connectivity – point the Horizon Client at the NetScaler Gateway URL, or use the Gateway portal itself. This technology was later expanded to thin clients/zero clients for general Virtual Desktop Infrastructure. Dec 30, 2024 · What is PCoIP and How is it Used? PCoIP, short for PC-over-IP, is a display protocol that compresses a desktop and transmits it over a standard IP network to a zero-client device. Connecting to Horizon desktops using PCoIP fails. Tried changing negotiation ciphers, etc. if problems are found Sep 20, 2024 · The Unified Access Gateway runs the following gateways as part of the Horizon edge service: the Blast Secure Gateway, the PCoIP Secure Gateway, and the HTTPS secure tunnel. May 2, 2014 · I need to deselect the "Use secure tunnel connection to desktop" and "Use PCoIP Secure Gateway for PCoIP connection to desktop". Nov 4, 2011 · When configuring the PCoIP secure gateway element you can either install this on the View Connection server or on the View Security Server which can then be installed in a DMZ. Summary This article provides details on how to use the PCoIP Connection Manager (CM) and Security Gateway (SG) logs and support bundle to diagnose and troubleshoot CM/SG issues. In the PCoIP External URL field, enter the a PCoIP IP address and port 4172. exp. Teradici PCoIP Connection Manager and Security Gateway The PCoIP Connection Manager and the PCoIP Security Gateway are components of Teradici Cloud Access Software, and are deployed together as a set. 3) Use the "sessiondump" on the CLI when logging in for troubleshooting to see how far the user is getting. Nov 13, 2025 · Note: The UDP port number that clients use for PCoIP and Horizon Blast might change. My question is: Should the connection server setting be pointing to the external URL/IP address or the internal one? May 5, 2025 · Unauthorized display protocol traffic is disregarded by Unified Access Gateway. Nov 18, 2024 · Resolution To resolve this issue: Go to the Connection Server Registry Editor and open the HKLM\Software\Teradici\SecurityGateway file. If port 50003 is in use, the agent uses port 50004, and so on. So what should organizations use where? What are the strengths and weaknesses of each protocol and can organizations have just one protocol for all uses? The choice is really only between PCoIP and VMware Blast Extreme The Blast Secure Gateway on Unified Gateway can dynamically adjust to network conditions such as varying speeds and packet loss. Contact your IT department to ensure your Oct 1, 2018 · Enables connection through UDP in case of lower bandwidth. If this is set to false, a secure tunnel on this Connection Server instance is enabled and horizon clents can connect to desktop pools through the secure tunnel, which carries RDP and other data over HTTPS. Any help would be high appreciate Dec 31, 2024 · A Horizon 7 environment has many components, possibly including third-party gateways. To achieve high performance, low latency, and secured digital workspace access, these solutions rely on powerful protocols such as PC-over-IP (PCoIP®) technology. Step 2. When updating your Horizon Server to the latest version, please reapply this process after a successful update. VMware Horizon (formerly View) uses TCP 4172 (along with UDP 4172) for PCoIP connections between Horizon Clients/zero clients and desktops via the PCoIP Secure Gateway/Unified Access Gateway. Apr 7, 2022 · "Use Secure Tunnel connection to machine" "Use PCoIP Secure Gateway for PCoIP connections to machine" are both not selected Select "Do not use Blast Secure Gateway". Each step below provides instructions and a link to a document, for performing the step and taking corrective action as necessary. You must disable this feature on Connection Servers. 2. Click Edit. If the required certificate files are not present or they are improperly configured, clients will not be able to connect and users will not be able to establish PCoIP sessions. More information at VMware Blog Post Technical Introduction to VMware Unified Access Gateway for Horizon Secure Remote Access. adnftjg wmzuiz thlu xjik arfw wha zdejiuxc sytvj vlwjg rrspzka cjvny qqiblb vsieni tamvilmj mggco