APM :: VMware View :: Blast HTML5

VMware version is 6.1.1

Hey Ryan What build/version of BigIP are you using?

only reason i ask is to make sure you are running at minimum v12.0 HF1 as per the deployment guide.

BIG-IP APM v12.0 requires HF1 to support the Horizon View HTML5 client in Horizon View 6.1.1 or later.

Also can you send a screenshot of the Connection Server Instance APM is utilizing are any of the tunnel boxes ticked?

Thanks Matt

I'm using BIG-IP 12.1.1 Build 1.0.196 Hotfix HF1 on a vCMP instance (if that matters).

Connection Server screenshot:

Hey Ryan,

The boxes for the Tunneling should be all unchecked when using APM, could you try unchecking all of the boxes and try again?

Just out of curiosity as well, your locked.properties file, are you using a lot of mixed clients? just trying to understand why you have all of those protocols enabled...

Also if you didnt know F5 and VMware have collaborated to showing this kind of configuration in a lab environment, these configurations might be useful to your implementation.

HOL-MBL-1759 Module 3 for APM and PCoIP Proxy http://labs.hol.vmware.com/HOL/catalogs/lab/2792

Also you can just goto the manual section as per this link http://docs.hol.vmware.com/HOL-2017/hol-1759-use-3_html_en/l531442

I don't have access to the VMware stuff, so I have to rely on another group to tell me what they have configured (unfortunately). They originally had these checked, so I had them un-check them:

I attempted to connect again, and I received the same certificate error I did originally. My packet capture on the BIG-IP no longer showed port 8443 attempts either.

If I attempt to click on the link displayed in the error message, I just get a connection reset.

I'm not sure if this is cosmetic or not...

Nov 14 12:58:06 10.1.41.190 debug vdi[5564]: 01490000: {2c.C.abb9a0d7} [HandleResult][68] 17SetSessionDBValue result 'tmm.session.abb9a0d7.session.vmware_view.connection_server.a875c6c9-2020-4590-a978-2e34a3b9587b' = 'x.x.x.91%0:443'

... but it's showing a route domain of zero?

I'm configured for a route domain of 134:

Also, my desktop is assigned a route domain of 0 as well:

Nov 14 12:58:06 10.1.41.190 debug vdi[5564]: 01490000: {2c.C.abb9a0d7} [HandleResult][68] 17SetSessionDBValue result 'tmm.session.abb9a0d7.session.vmware_view.desktop.a875c6c9-2020-4590-a978-2e34a3b9587b' = 'x.x.x.10%0:22443'

If this isn't just cosmetic, then that's probably my problem. Which I don't understand because I assign it to the proper RD in the VPE.

Nov 14 12:58:05 10.1.41.190 debug vdi[5564]: 01490000: {2c.C.abb9a0d7} [HandleResult][68] 17GetSessionDBValue result 'tmm.session.abb9a0d7.session.assigned.route_domain' = '134'

Ok - I figured it out.

That route domain of zero must just be cosmetic... because now it's working once I allowed port 22443 out of RD 134 on the network firewall.

So with a combination of those tunnel checkboxes (or lack thereof) and the firewall rule for TCP/22443 - that seems to have resolved my issue.

Thanks Matt for your help.

Resolved by removing the checkboxes on the VMware View server, and allowing port TCP/22443 through the firewall. Thank-you Matt again for your assistance.

No Problem, glad it worked out just keep in mind if using these brokers internally for HTML5 blast they might experience now issues with SSL errors as they are not tunneling that HTML5 internally 2 ways to resolve this

1) use APM internally

2) setup separate connection brokers with the HTML5 blast box ticked to resolve.

Hope this helps!