The View Security server should be set up in a DMZ-type environment with firewalls separating it from both the WAN and LAN traffic.
The following rules need to be configured on the firewalls:
External ports used to communicate with clients are listed in the following table:
Source |
Source port |
Protocol |
Destination |
Destination port |
Notes |
---|---|---|---|---|---|
Horizon client |
TCP/Any |
HTTP |
Security server |
TCP 80 |
For HTTP to HTTPS redirects. |
Horizon client |
TCP/Any |
HTTPS |
Security server |
TCP 443 |
For HTTPS communication with the web browser and the View Horizon client. |
Horizon client |
TCP/Any UDP/Any |
PCoIP |
Security server |
TCP 4172 UDP 4172 |
For communications between the View Horizon client and the security server. This port carries all the PCoIP traffic including USB tunneling, audio, and video. |
Security server |
UDP 4172 |
PCoIP |
Horizon client |
UDP Any |
The security servers send PCoIP data back to the client from UDP port 4172. The destination... |