These topics provide information about areas related to your end users' connections to their entitled desktops and remote applications that are provisioned by Horizon Cloud pods. Such pods are the pod-manager-based ones that are deployed by Horizon Cloud in Microsoft Azure using the console's pod deployment wizard.

When Using PCOIP URLs and a Pod with an Internal Gateway Configuration

As described in Your Horizon Cloud on Microsoft Azure Deployments, a Horizon Cloud pod in Microsoft Azure can be configured with an internal gateway configuration, using Unified Access Gateway instances. For the internal gateway type, even though HTML Access (Blast protocol) configures its external URL to be your provided FQDN, the PCOIP URL uses IP addresses instead. This behavior makes for a difference between the external gateway and internal gateway types with respect to PCOIP:

  • External gateway type: the PCOIP URL is set to the public IP of the external gateway configuration's load balancer resource.
  • Internal gateway type: the PCOIP URL first attempts to resolve your provided FQDN using DNS to an IP address, and then uses that as the PCOIP URL. If the PCOIP URL cannot resolve your provided FQDN, the PCOIP URL instead uses the private IP address of the internal gateway configuration's internal load balancer resource.

Now, your network environment might be such that the internal gateway configuration's load balancer is not the first endpoint in an end-user connection attempt. As an example, you might have an additional endpoint or load balancer that you have set up to redirect to the internal gateway configuration's load balancer. In the certificate you uploaded to the internal Unified Access Gateway gateway configuration when you deployed or edited the pod, you likely have made that certificate match the FQDN or IP addresses of that first endpoint in your networking setup. You likely did that because you expect your end-user clients to access your network environment starting with that first endpoint. If your network environment matches this description, where your end-user clients first access an endpoint that is not the internal gateway configuration's load balancer as their first endpoint, you must ensure your DNS mapping provides for the PCOIP URL to match for your end-user clients to properly authenticate against your provided certificate.