A brand new deployment guide has been posted to F5.com (http://www.f5.com/view) focusing on deploying BIG-IP v11 with VMware View. The guide provides step-by-step guidance on configuration for LTM, APM, as well as using the new iApp for View. Please check out the new Deployment Guide and let us know your feedback. http://www.f5.com/pdf/deployment-guides/vmware-view-5-iapp-dg.pdf

BTW, the iApp for View can be downloaded here: http://devcentral.f5.com/wiki/iApp.VMware-View-5-iApp-Template.ashx

Thanks for posting this Frank. I'm excited about the capabilities of this new iApp. The iApp cuts down on the time it takes to setup a new VMware View deployment to just a few minutes. Along with the enhancements in View 5, this is really a winning combination. The iApp initially asks you whether you are deploying View with LTM using VMware View Security Servers in place or not. If you are using security servers, health monitors, pools, load balancing and virtual servers are all setup to manage connections through View Security Servers. Previously, this had to be done manually, and because View uses three port/protocol combinations, it might a bit of manual labor to setup the system. With the iApp, it's literally one click to get all of that done. Finally, the iApp also asks if you are using APM to further enhance and secure View. In this case, the visual policy is built automatically, further streamlining the process. We look forward to comments and feedback about the iApp.

Hi all, The posted link dos not point to the actual iApp, only to the PDF describing how to use it. I havn't foud the iApp anywhere on Devcentral. Any ideas where it might be ?

Fred, There is an updated version of the iApp in testing right now. I do not have a release date yet, but keep coming back as we will release it as soon as is possible. Paul

I am finding some abiguity in the deployment guide. I had a working View 4.6 with 11.0 and an older iApp, but now I am version View 5 with the latest iApp and I am unable to get this working properly. My environment does not have a security server, and I was planning on using the f5 APM as security for the external view. It seems maybe that the version 5 View and the latest iApp requires a security server, but I cant tell from the deployment guide. It seems to me I should be able to have a full network connection resource and be able to use a VDI session but get broken barely working PCOIP video, and RDP works fine. The same goes for the View iApp, broken bits of video. Using 3900 in DMZ - get logged in through APM, get VPN IP address, connect to connection server, get list of available VDI desktops to connect to, launch one and I see the intial screen, and then pretty much just a few bits and peices of video, like the screen scrapes arent working. Do a netmon trace I see a bunch of packet going to from desktop to client using 4172 and 50002 which seems absolutely correct. I also have this f5 in dmz sending to the internal f5 that has the iApp configured as well and working properly for internal users, but not external. I have tried direct to connection server with the same results as well. I have a call in to support but no guidance as to why this isnt working yet. We are suspecting that I need a security server. Thanks for any help that you can provide. Denis

NEW: Deployment Guide for BIG-IP v11 and VMware View 5

12 Replies

DenisG_22372
Historic F5 Account
Aug 08, 2012
Thanks for the suggestion, I did that and there has been no change. I did make an error in my post:

Client is using 50002, Agent is using 4172

This link says that it is correct, and VMware super engineer says that is correct. the change was to not have the agent use 50001 and now use 4172.

Here is the scenerio, and we feel it is firewall related.

I have an internal f5 using the iApp and internally everyhting is fine.

I have a DMZ f5 using iApp and sending traffic to internal f5. This is probably where the problem is as it is SNAT'ing twice (maybe) I will reconfigure and get it to go direct to Connection server and see where that gets me.

I think I need the following things yet missing some:

VDI_apm_dtls-APM IP Address-4433 - Have a firewall rule external in to DMZ

VDI_apm_http_virtual-APM IP Address-80 (HTTP) - Have a firewall rule external in to DMZ

VDI_apm_https_virtual-APM IP Address-443 (HTTPS) - Have a firewall rule external in in to DMZ

VDI_http_virtual-Virtual View IP Address-80 (HTTP) - No firewall rules

VDI_https_virtual-Virtual View IP Address-443 (HTTPS)

VDI_tcp-10.0.56.0/24-4172 Forwarding (IP)

VDI_udp-10.0.56.0/24-4172 Forwarding (IP)

Please help with firewall rules needed open for APM and only connection server. Firewall in to f5 and f5 to internal network rules. This is begging now.

thanks ever so much,

Denis
Paul_Pindell
Employee
Aug 08, 2012
~~Denis,~~

VDI_apm_dtls-APM IP Address-4433 - Have a firewall rule external in to DMZ (Is this 4433/UDP)

~~VDI_apm_http_virtual-APM IP Address-80 (HTTP) - Have a firewall rule external in to DMZ~~

~~VDI_apm_https_virtual-APM IP Address-443 (HTTPS) - Have a firewall rule external in in to DMZ~~

~~VDI_http_virtual-Virtual View IP Address-80 (HTTP) - No firewall rules~~

~~VDI_https_virtual-Virtual View IP Address-443 (HTTPS)~~

~~VDI_tcp-10.0.56.0/24-4172 Forwarding (IP)~~

~~VDI_udp-10.0.56.0/24-4172 Forwarding (IP)~~

~~You may also need a FW rule to allow 4172 tcp and udp between the bigip and the desktops.~~

~~Paul~~

Forum Discussion

NEW: Deployment Guide for BIG-IP v11 and VMware View 5

12 Replies

Recent Discussions

URL

Problems connecting to vpn after upgrading to ubuntu 24.04

Wildcard SSL Certificate Deployment on F5 LTM

iRule resulting in too many redirects

What happens if I only enable ASM in BIG-IP Under System > Resource Provisioning

Related Content

F5 BIG-IP deployment with OpenShift - platform and networking options

F5 BIG-IP deployment with OpenShift - multi-cluster architectures

F5 BIG-IP deployment with OpenShift - publishing application options

Getting Started with BIG-IP Next: Installing Central Manager on VMware ESXi

F5 BIG-IP deployment with Red Hat OpenShift - the no CIS option