AWI Host: Connection Management Interface Session Settings

Select the Connection Management Interface session connection type from the Configuration > Session page to configure an external connection manager as the connection broker for the host to use.

Note: External connection managers can simplify the administration effort for large, complex systems. In a managed connection, an external connection manager server communicates with a device, and can remotely control and configure it. The connection manager can also locate an appropriate peer for the device to connect to, and then initiate the connection.

AWI Session Connection Type – Connection Management Interface (Host)

AWI Session Page Parameters

Parameter Description

DNS Name or IP Address

Enter the DNS name or IP address of the connection manager.

Accept Any Peer

When enabled, the host accepts connections from any client. When disabled, you must specify the MAC address of the peer you want the host to accept.

Peer MAC Address

Enter the MAC address of the client that is allowed to connect to the host. If the Accept Any Peer option is enabled, this field is not required and not editable.

Session Negotiation Cipher

Configure the Transport Layer Security (TLS) cipher to use for negotiating the TLS session between the PCoIP client and the PCoIP host.

  • Maximum Compatibility: TLS 1.0 with RSA keys and AES-256 or AES-128 encryption: This option provides maximum compatibility.
  • Suite B: TLS 1.2 with Suite B-compliant 192-bit elliptic curve encryption. This option provides a higher level of security.

Enabled Session Ciphers

Enable or disable an encryption mode for the device. By default, all encryption modes that pertain to a device are enabled.

  • AES-128-GCM (Tera1 and Tera2): An encryption method implemented in first-generation Tera1 and second-generation Tera2 processors. This method offers the best performance between hardware endpoints for Tera1 devices. AES-128-GCM also may offer improved performance for Tera2 clients when connecting to VMware 4 or newer if there is more than about 7 Mbps available on the network.
  • AES-256-GCM (Tera2 only): A more secure encryption method implemented in second-generation Tera2 processors that offers the best performance between hardware endpoints. When connecting to VMware 4 or newer, AES-128-GCM is recommended.
  • Salsa20-256-Round12 (Tera1 only): A lighter encryption method implemented in firmware that may offer improved performance for Tera1 clients when connecting to VMware View 4 or newer if there is more than about 7 Mbps available on the network.

Note: For more information about connecting to VMware Horizon virtual desktops, see “Using PCoIP® Zero Clients with VMware View User Guide” (TER0904005) in the Teradici Support Documentation Center.

Note: The enabled encryption mode must match between the host and client for a session to be established. If more than one mode is enabled, the firmware selects the following:

  • Host to Tera1 or Tera2 clients: AES-128-GCM or AES-256-GCM for the PCoIP session.
  • VMware View 4.5 and later to Tera1 client: SALSA20-256-Round12 for the PCoIP session.
  • VMware View 4.5 and later to Tera2 client: AES-128-GCM for the PCoIP session.

Enable DSCP

When enabled, the device populates the Differentiated Services Code Point (DSCP) field in the IP header, allowing intermediate network nodes to prioritize PCoIP traffic accordingly.

Enable Transport Congestion Notification

When enabled, transport congestion notification is enabled to allow PCoIP endpoints to react accordingly if an intermediate network node sets the congestion notification bit in either the IP header or PCoIP transport header.

Note: For more information about the PCoIP transport header, see PCoIP Packet Format.