Before you can upgrade or reinstall a security server instance, you must remove the current IPsec rules that govern communication between the security server and its paired Connection Server instance. If you do not take this step, the upgrade or reinstallation fails.
By default, communication between a security server and its paired Connection Server instance is governed by IPsec rules. When you upgrade or reinstall the security server and pair it again with the Connection Server instance, a new set of IPsec rules must be established. If the existing IPsec rules are not removed before you upgrade or reinstall, the pairing fails.
You must take this step when you upgrade or reinstall a security server and are using IPsec to protect communication between the security server and Connection Server.
You can configure an initial security server pairing without using IPsec rules. Before you install the security server, you can open Horizon Administrator and deselect the global setting Use IPSec for Security Server Connections, which is enabled by default. If IPsec rules are not in effect, you do not have to remove them before you upgrade or reinstall.
With View 5.0.x and earlier releases, you could remove a security server either from within the Horizon Administrator user interface or by using the vdmadmin -S command-line command. In View 5.1 and later releases, you must use vdmadmin -S. See "Removing the Entry for a Horizon Connection Server Instance or Security Server Using the -S Option" in the Horizon 7 Administration document.
- In Horizon Administrator, click .
- In the Security Servers tab, select a security server and click .
If you disabled IPsec rules before you installed the security server, this setting is inactive. In this case, you do not have to remove IPsec rules before you reinstall or upgrade.
- Click OK.
What to do next
Upgrade or reinstall security server.