Enabling Horizon View PCoIP Connections via NetScaler

This post is probably not necessary because the configuration is pretty simple and easy to get it working – all you need are a NetScaler running 12.0 code or later, and a view connection server v7.0.1 or later. Currently, it is limited to proxying PCoIP traffic only.

NetScaler Settings for PCoIP

There are two parts to the configuration on the NetScaler:

  • PCoIP VServer Profiles – located in NetScaler Gateway > Policies > PCoIP ; this is where the logon domain name is defined; these are bound to the gateway vServer

 

 

 

 

 

  • PCoIP Profiles – located in NetScaler Gateway > Policies > PCoIP ; this is where you define the Connection Server URL and session timeout; these are bound to the gateway session policy

If you have already created a gateway vServer, you can edit the Basic Settings using the edit pencil (top right) and select the new vServer profile:

 

 

 

 

 

 

 

Additionally, the Gateway vServer needs to use the RfWebUI theme.

The session policy needs to contain the following settings:

  • Clientless Access: On
  • Default Authorization: On
  • PCoIP Profile: <profile_name>

If you are using Unified Gateway you will need to add a few expressions to the is_vpn_url pattern set – this is a default pattern set and cannot be modified, however, you can create a new one copying in the existing expressions by highlighting is_vpn_url and selecting Add. This is all done in AppExpert:

  • Configuration > AppExpert > Expressions > Advanced Expressions
  • Highlight the existing is_vpn_url and click ‘Add’
  • Give the pattern set a name, “is_vpn_url_pcoip” in this example
  • Add the following expressions (don’t copy\paste):
    • HTTP.REQ.URL.PATH.EQ(“/broker/xml”) || HTTP.REQ.URL.PATH.EQ(“/broker/resources”) || HTTP.REQ.URL.PATH.EQ(“/pcoip-client”)

The above newly created pattern set must then replace the existing is_vpn_url in your content switching policy for Unified Gateway

View Connection Server Settings

On your View Connection Servers, you need to set the following:

  • General > Use Secure Tunnel connection under HTTP(s) Secure Tunnel

That’s it!

Connection Options

Once configured will have 2 major options for connectivity – point the Horizon Client at the NetScaler Gateway URL, or use the Gateway portal itself. First, to use the Horizon Client, simply enter the URL of the NetScaler Gateway vServer and login:

Alternatively, you can use the NetScaler web portal and integrate with other apps to utilize the Unified Gateway experience:

Be aware that the Horizon Client will need to be installed to render the PCoIP connection:

References

http://docs.citrix.com/en-us/netscaler-gateway/12/netscaler-gateway-enabled-pcoip-proxy-support-for-vmware-horizon-view.html

https://support.citrix.com/article/CTX223370

4 thoughts on “Enabling Horizon View PCoIP Connections via NetScaler

Leave a Reply