When the secure tunnel is enabled, Horizon Client makes a second HTTPS connection to the View Connection Server or security server host when users connect to a remote desktop.

When the PCoIP Secure Gateway is enabled, Horizon Client makes a further secure connection to the Connection Server or security server host when users connect to a remote desktop with the PCoIP display protocol.

Note: With Horizon 6 version 6.2 and later releases, you can use Unified Access Gateway appliances, rather than security servers, for secure external access to Horizon 6 servers and desktops. If you use Unified Access Gateway appliances, you must disable the secure gateways on Connection Server instances and enable these gateways on the Unified Access Gateway appliances. For more information, see Deploying and Configuring Unified Access Gateway.

When the secure tunnel or PCoIP Secure Gateway is not enabled, a session is established directly between the client system and the remote desktop virtual machine, bypassing the Connection Server or security server host. This type of connection is called a direct connection.

Important: A typical network configuration that provides secure connections for external clients includes a security server. To use Horizon Administrator or to enable or disable the secure tunnel and PCoIP Secure Gateway on a security server, you must edit the Connection Server instance that is paired with the security server.

In a network configuration in which external clients connect directly to a Connection Server host, you enable or disable the secure tunnel and PCoIP Secure Gateway by editing that Connection Server instance in Horizon Administrator.

Prerequisites

  • If you intend to enable the PCoIP Secure Gateway, verify that the Connection Server instance and paired security server are Horizon 7 4.6 or later.
  • If you pair a security server to a Connection Server instance on which you already enabled the PCoIP Secure Gateway, verify that the security server is Horizon 7 4.6 or later.

Procedure

  1. In Horizon Administrator, select View Configuration > Servers.
  2. On the Connection Servers tab, select a Connection Server instance and click Edit.
  3. Configure use of the secure tunnel.
    Option Description
    Enable the secure tunnel Select Use Secure Tunnel connection to machine.
    Disable the secure tunnel Deselect Use Secure Tunnel connection to machine.
    The secure tunnel is enabled by default.
  4. Configure use of the PCoIP Secure Gateway.
    Option Description
    Enable the PCoIP Secure Gateway Select Use PCoIP Secure Gateway for PCoIP connections to machine
    Disable the PCoIP secure Gateway Deselect Use PCoIP Secure Gateway for PCoIP connections to machine
    The PCoIP Secure Gateway is disabled by default.
  5. Click OK to save your changes.