Network Address Translation (NAT) and port mapping configuration are required if Horizon Clients connect to virtual machine-based desktops on different networks and a NAT device lies between the client and the desktop running Horizon Agent Direct-Connection Plugin (formerly View Agent Direct-Connection Plug-In).

You configure external addressing information on the desktop so that Horizon Client can connect to the desktop by using NAT or a port mapping device. Use the same addressing information specified by the External URL and Blast External URL settings on the Connection Server.

Example of Setting up a Blast client Using a NAT Device and Port Mapping

In the following example configuration which uses NAT and port mapping, the ExternalIPAddress is set to 10.1.1.1, which is network-translated to 192.168.1.1, and ExternalBlastPort is set to 82443, which is port-mapped to 22443.
Setting up a Blast client, security gateway, and server using a NAT Device and Port Mapping.

Configuring the NAT IP Address

In most NAT configurations, Horizon Agent Direct-Connection Plug-in gets the host address from the request URL of the client by default. However, there might be cases where there is a proxy server that changes the URL of the client or Horizon Agent Direct-Connection Plug-in fails to receive the URL of the client.

In these cases, you can specify the NAT IP address using the ExternalIPAddress setting in the /etc/vmware/vadc/viewagent-vadc.conf configuration file. See Horizon Agent Direct-Connection Plug-In Configuration Settings.

Horizon Agent Direct-Connection Plug-in for Linux only supports IPv4 at this time. IPv6 is not supported.

Configuring the NAT Blast Port

To specify the port number that the client will use to make Blast connections through a port mapping device, use the ExternalBlastPort setting in the /etc/vmware/vadc/viewagent-vadc.conf configuration file. See Horizon Agent Direct-Connection Plug-In Configuration Settings.

You can specify either a static port number or a dynamic port number which depends on the NAT HTTPS port number. For example, the setting ExternalBlastPort=82443 specifies the static port number 82443.

To specify a dynamic port number relative to the NAT HTTPS port number, use the + character with ExternalBlastPort. For example, consider a port mapping device that uses HTTPS port number 1000 mapped to TCP 443, and Blast port number 1001 mapped to TCP 22443. In this scenario, you can configure the setting ExternalBlastPort=+1. When the HTTPS connection comes in from a client using an HTTPS destination port number of 1000, the external Blast port number is dynamically calculated in relation to that number, resulting in 1001.