If your environment's networking is not configured properly for use with the Horizon Cloud pod in Microsoft Azure, the process to build out the pod can get stuck in PENDING state or the post-deployment action to domain bind to your Active Directory environment might fail. The two most common network-related causes are failing to open the required outbound ports and failing to enable the DNS to resolve both internal and external addresses. By following the troubleshooting steps here, you can run some tests to verify the required outbound ports are open and the DNS can resolve both internal and external addresses.

The overall networking requirements for successfully deploying a pod are stated in the prerequisites checklist and described in Configure the DNS Server Settings Needed by the VNet Topology You Will Use for Your Horizon Cloud Pods in Microsoft Azure and Horizon Cloud on Microsoft Azure Deployments - Host Name Resolution Requirements, DNS Names. If your environment's networking does not meet those requirements, you will encounter one or both of these two issues:

Issues Common causes
  • The Getting Started page shows the pod in pending state and it never proceeds to connecting state. Usually a pod is in pending state for about 10 minutes (except when deploying a pod into Microsoft Azure China cloud, which takes longer).
  • Even when the pod has successfully deployed, when you attempt to register your Active Directory, the domain-bind step fails with the error Unable to register Active Directory
  • Required outbound ports are not open, or are blocked by your firewall environment. If the required outbound ports are not open or are blocked by a firewall, it prevents the pod software from securely downloading into the Microsoft Azure cloud environment and connecting back to the Horizon Cloud cloud control plane. As a result, the pending state issue occurs.
  • The VNet DNS server is not properly configured to point to a valid DNS server that can resolve both internal and external machine names.
  • Though the VNet DNS server is properly pointing to a DNS server, that DNS server cannot resolve both internal and external machine names.

If no DNS resolution for external machine names is provided to the VNet, the pending state issue and domain-bind issue can occur. For example, if the DNS cannot resolve to the Active Directory on the Domain Controllers, the domain-bind step fails. For details about the VNet DNS configuration, see Configure the DNS Server Settings Needed by the VNet Topology You Will Use for Your Horizon Cloud Pods in Microsoft Azure.

To run some tests that will check that the DNS configuration can resolve internal and external names and check that the required outbound ports are open, you deploy a small test virtual machine (VM) into your Microsoft Azure subscription and then use that VM to run these networking tests. The high-level sequence of troubleshooting steps is:

  1. Create an SSH key pair.
  2. Create the test VM in your Microsoft Azure subscription.
  3. Connect to that test VM.
  4. Run the networking tests.
  5. When the testing is done, delete the test VM and all the test-related artifacts that were created in your Microsoft Azure environment for doing this troubleshooting.
Note: If you do not delete the test-related artifacts and you later use the console's Delete action to delete the pod, unexpected results can occur. When deleting a pod, the system checks the pod's subnets to verify that everything connected to the subnets belongs to the pod itself, according to the pod's ID. If the system determines additional VMs, VM disks, IPs, or other artifacts are connected to the pod's subnets, the system cannot cleanly delete the pod.

For details about running the troubleshooting tests, see the following sections.

Important: Even though all of these manual tests succeed, if you are directing all traffic out through your on-premises network and only allowing authenticated traffic to pass, but you did not provide values for using a proxy in the pod deployment wizard, the pod deployment can get stuck in pending state. If this description matches your situation, you must delete the pod from the Getting Started page, re-run the pod deployment wizard, and specify the required proxy information.