Another EUC Blog

Expand search form
Menu

Configure NSX-V Edge Load Balancer for Horizon

Horizon View, NSX, VMware by Hari Patel Leave a Comment on Configure NSX-V Edge Load Balancer for Horizon

In this blog post I will walkthrough of how to create a load balancer VIP to balance traffic between VMware Connection servers.

In the below case, I’ll configure an NSX edge to load balance traffic between my connection servers.

 

 

 

 

 

Step 1 : Deploy a NSX Edge

In networking and Security, clic on NSX Edges and Add

Configure a name and a host name for your NSX Edge, in my case i’ll do not use HA.

Configure a username and a password, take care that the policy is more restrictive than usual.

For lab purpose, compact deployment will be far enough

Configure an interface where the edge will communicate, this ip will handle the VIP for your loadbalancer.

Configure a gateway

Again for lab purpose, i’ll use a default policy which allow all traffic.

Step 2 : Configure the load balancer

First of all, enable the load balancer service on your edge

Step 3 : Create an application profile

In a first time, i’ll do not use any certificate. Each broker will show its own self signed certificate.

Configure SSL Passtrough, and use SSL Session ID for the persistence mode

Step 4 : Create a new pool containing my two broker

Use IP-HASH algorithm, and the default https rules for monitoring traffic

Add your brokers in members, and configure port 443.

Step 5 : Create a virtual server

Create a virtual server, with https protocol and redirecting to the previously created Horizon pool

Step 6 optionnal : Add a self signed certificate

Go back in the configure tab of your Edge, select certificates, in the CSR Actions, clic generate certificate

Select your previously generated CSR and select self sign certificate.

Go back into your application profile and select HTTPS End to End instead of SSL passtrough.
Self your self signed certificate on the Client and Server side.

In my case, you can see that the horizon certificate is presented, not the broker one.
Hari Patel

Hari Patel

You might be interested in …

VMware PowerCLI Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration

VMware

    Problem:   Unable to connect vCenter with  “Connect-VIServer” command. It gives error “VMware PowerCLI Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration“       Reason:   The issue usually happen whenever Self Signed Certificate is used in Vcenter server.     Solution:   Execute below command to ignore Certificate check during vCenter Connection. […]

Read More

Workspace ONE Access Multisite Tasks – One Pager

vIDM, VMware, Workspace ONE Access

For the past few weeks, I have been working with my project team and my customer to help them stand up VMware Access on a secondary site. With the help of Haseeb Waseem, I have created a single spreadsheet which includes all the major steps needed to create a secondary site. Hope this is helpful […]

Read More

How to Change Workspace ONE Access SAML Signing Certificate

VMware, Workspace ONE Access

In my previous engagement, a customer asked to change the Workspace ONE Access SAML signing cert after a year and a half in production.  WS1 Access was fully deployed along with DR sites and configured as 3rd party IDP with ADFS for O365 use cases. Background: SAML signing certificates ensure that messages are coming from […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Close Menu