AWI Client: View Connection Server Session Settings

Select the View Connection Server session connection type from the Configuration > Session page to configure the client to use a View Connection Server as the broker when connecting to a VMware desktop.

AWI Session Connection Type – View Connection Server

AWI Session Page Parameters

Parameter Description

DNS Name or IP Address

Enter the View Connection Server's DNS name or IP address. For VMware Horizon DaaS, this is the DNS name or IP address of the VMware Horizon DaaS Desktop Portal.

Pool Name to Select

Enter the pool name. When the list includes a pool with this name, the client will immediately start a session with that pool.

Note: This field is case-insensitive. For Tera1 zero clients, this parameter is called Desktop Name to Select.

Port

By default, port 443 is used to communicate with the connection server. If your network is set up to use a non-standard port for secure connections, enter the port number.

Certificate Check Mode

Select the level of verification performed on the certificate presented by the connection server:

  • Never connect to untrusted servers: Configure the client to reject the connection if a trusted, valid certificate is not installed. (This is the most secure option.)
  • Warn before connecting to untrusted servers: Configure the client to display a warning if an unsigned or expired certificate is encountered, or if the certificate is not self-signed and the zero client trust store is empty. (This option is selected by default.)
  • Do not verify server identity certificates: Configure the client to allow all connections. (This option is not secure.)

Certificate Check Mode Lockout

When enabled, prevents users from changing the Certificate Check Mode settings from the OSD or AWI.

Trusted View Connection Servers

Click the Show button to display View Connection Servers for which the client has received a valid certificate.

Click the Clear button to clear this cache.

Auto Connect

This field determines the client's auto connect behavior after startup:

  • Enabled: The client automatically connects with the connection server after startup and a PCoIP session ends, bypassing the OSD Connect page.
  • Disabled: The client does not automatically connect with the connection server.
  • Enabled With Retry On Error: The client will continuously attempt to contact the connection server. After a connection failure, the client waits before attempting to connect again. This wait time increases with each successive failure. The wait interval is not configurable.

Note: Devices running firmware 4.1.1 or lower do not support Retry On Error behavior and will always perform a single attempt to contact the connection server when this option is selected.

Note: After enabling Auto Connect, the client must be power-cycled for the change to take effect.

Connection Server Cache Mode

This field determines whether a connection server is dynamically added to the Server drop-down menu on the OSD Connect page when a user types in a valid server address, or whether it appears in a read-only list for the user to select.

  • Last servers used: Select this option if you want a list of cached servers that a user has typed in to appear in the Server drop-down menu on the OSD Connect page.
  • Read-only: Select this option if you want users to select a connection server from a read-only list.

Note: You can use the PCoIP Management Console to pre-populate the list of available connection servers.

Enable Self Help Link

See Enabling the Self Help Link for details.

Auto Launch If Only One Pool

When enabled, users are automatically connected to a provisioned desktop or application after user credentials are entered.

Note: For Tera1 zero clients, this parameter is called Auto Launch If Only One Desktop.

Note: This feature only applies to users who are entitled to a single desktop. It does not apply to users entitled to multiple virtual desktops.

Remember Username

When enabled, the username text box automatically populates with the last username entered.

Use OSD Logo for Login Banner

When enabled, the OSD logo banner appears at the top of login screens in place of the default banner. You can upload an OSD logo from the OSD Logo Upload page.

Prefer GSC-IS

When selected, the GSC-IS interface is used if a smart card supports more than one interface such as CAC (GSC-IS) and PIV endpoint. If a smart card supports only one interface, such as either CAC or PIV endpoint, then only the CAC or PIV endpoint interface is used regardless of this setting. This only affects smart card access performed outside of PCoIP sessions.

Enable Peer Loss
Overlay

When enabled, the “Network Connection Lost” overlay appears on the display(s) when a loss of network connectivity is detected. Normal hypervisor scheduling delays can falsely trigger this message.

Note: This option is only available for a zero client. Desktop applications that require the peer loss notification should re-enable the feature through the OSD, AWI, or MC.

Enable Preparing Desktop Overlay

When enabled, the "Preparing Desktop" overlay appears on the display(s) when users log in.

Note: This overlay provides assurance that login is proceeding if the desktop takes more than a few seconds to appear.

Enable Session Disconnect Hotkey

When enabled, users can press the Ctrl+Alt+F12 hotkey sequence to pop up the "Zero Client Control Panel" overlay, which lets them disconnect the current session on the workstation or power off the workstation.

Note: Before users can use this disconnect hotkey sequence, certain other configuration options must be in place. See Disconnecting from a Session for details.

Enable RDS Application Access

When enabled and users connect to a VMware Horizon View Connection Server that offers applications, a list of available applications will be presented.

Note: Applications open in full-screen mode, but can be re-sized once users are in session.

PCoIP Utility Bar Mode (Tera2 zero clients only)

When enabled, the PCoIP Utility Bar appears at the top of the primary display when a user is in session and moves the cursor directly under the bar. The utility bar can be used to disconnect a session or to shut down a remote workstation. For Direct to Host session connection types, Local Cursor and Keyboard must be enabled in order for the zero client to process mouse events for the utility bar. For all connection types, the mouse must be locally connected (i.e., not bridged).

  • Disabled: Disables the PCoIP Utility Bar. Note: (By default, the utility bar is disabled.)
  • Enabled: Enables and auto-hides the PCoIP Utility Bar. Users can show the utility bar by pointing the mouse at the top of the screen directly under the utility bar. Users can slide the utility bar to the right and left at the top of the screen.
  • Enabled and Pinned: Enables and pins the PCoIP Utility Bar at the top of the screen. Users cannot hide the utility bar, but they can slide it to the right and left at the top of the screen.

Note: This feature is configurable from the MC and AWI only. It requires firmware version 4.2.0 or newer.

Session Negotiation Cipher

Important: In release 4.8.0, the security cipher features listed below are supported on Tera2 zero clients only. In order to use a non-SHA-1 cipher, both the client and host endpoints must support it.

Note: For sessions with software hosts, the zero client should be configured to use the Maximum Compatibility option.

For Tera2 zero clients:

Configure the Transport Layer Security (TLS) cipher to use for negotiating the TLS session between the PCoIP client and the PCoIP host.

  • Maximum Compatibility: TLS 1.0 or higher with RSA keys including ciphers that use SHA-1: This option provides maximum compatibility.
  • Suite B: TLS 1.2 with Suite B-compliant 192-bit elliptic curve encryption. This option provides a higher level of security.
  • Disable SHA-1: TLS 1.2 with RSA keys and strong ciphers using only SHA-256 or SHA-384: When selected, only devices running firmware 4.8.0 or greater are affected.
    Note: Currently this option can only be used with Amazon WorkSpaces hosts.

For Tera1 zero clients:

Configure the Transport Layer Security (TLS) cipher to use for negotiating the TLS session between the PCoIP client and the PCoIP host.

  • Maximum Compatibility: TLS 1.0 with RSA keys and AES-256 or AES-128 encryption: This option provides maximum compatibility.
  • Suite B: TLS 1.2 with Suite B-compliant 192-bit elliptic curve encryption. This option provides a higher level of security.

Enabled Session Ciphers

Enable or disable an encryption mode for the device. By default, all encryption modes that pertain to a device are enabled.

  • AES-128-GCM (Tera1 and Tera2): An encryption method implemented in first-generation Tera1 and second-generation Tera2 processors. This method offers the best performance between hardware endpoints for Tera1 devices. AES-128-GCM also may offer improved performance for Tera2 clients when connecting to VMware 4 or newer if there is more than about 7 Mbps available on the network.
  • AES-256-GCM (Tera2 only): A more secure encryption method implemented in second-generation Tera2 processors that offers the best performance between hardware endpoints. When connecting to VMware 4 or newer, AES-128-GCM is recommended.
  • Salsa20-256-Round12 (Tera1 only): A lighter encryption method implemented in firmware that may offer improved performance for Tera1 clients when connecting to VMware View 4 or newer if there is more than about 7 Mbps available on the network.

Note: For more information about connecting to VMware Horizon virtual desktops, see “Using PCoIP® Zero Clients with VMware View User Guide” (TER0904005) in the Teradici Support Documentation Center.

Note: The enabled encryption mode must match between the host and client for a session to be established. If more than one mode is enabled, the firmware selects the following:

  • Host to Tera1 or Tera2 clients: AES-128-GCM or AES-256-GCM for the PCoIP session.
  • VMware View 4.5 and later to Tera1 client: SALSA20-256-Round12 for the PCoIP session.
  • VMware View 4.5 and later to Tera2 client: AES-128-GCM for the PCoIP session.

Disconnect Message Filter

This field lets you control what type of messages appear when a session is disconnected. There are three categories:

Information: User- or administrator-initiated actions affecting the session:

  • You have been disconnected because you logged in from another location or your host was shut down or restarted.
  • You have been disconnected because an administrator disconnected you.
  • You have been disconnected because you logged in from another location.
  • You have been disconnected because you disconnected from your workstation.

Warning: System-initiated, but expected actions affecting the session:

  • You have been disconnected because your session timed out.

Error: Unexpected system-initiated actions causing session to fail:

  • You have been disconnected.
  • Unable to connect (0x1001). Please contact your IT administrator.
  • Unable to connect (0x1002). Please contact your IT administrator.
  • Session closed remotely.
  • Session closed remotely (unknown cause).
  • You have been disconnected due to a configuration error (0x100). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x201). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x300). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x301). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x302). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x303). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x305). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x400). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x401). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x402). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x403). Please contact your IT administrator for assistance.
  • You have been disconnected due to a configuration error (0x404). Please contact your IT administrator for assistance.

Note: For detailed information about the above session disconnect codes, please see KB 15134-872 in the Teradici Support Site.

You can choose to display:

  1. Show All messages – This option shows all disconnect messages including Info, Warning, and Error messages.
  2. Show Error and Warnings Only – This option hides info messages and displays only error and warning messages.
  3. Show Error Only – This option hides Info and Warning messages and displays only Error messages.
  4. Show None – Don’t show any disconnect messages.

Custom Session SNI

When enabled, sets a customized Server Name Indication (SNI) string on authorized man-in-the-middle-enabled clients. The SNI string is appended to the SSL/TLS HELLO when the client initates an SSL connection with the host.

Enable DSCP

When enabled, the device populates the Differentiated Services Code Point (DSCP) field in the IP header, allowing intermediate network nodes to prioritize PCoIP traffic accordingly.

Enable Transport Congestion Notification

When enabled, transport congestion notification is enabled to allow PCoIP endpoints to react accordingly if an intermediate network node sets the congestion notification bit in either the IP header or PCoIP transport header.

Note: For more information about the PCoIP transport header, see PCoIP Packet Format.

Enabling the Self Help Link

The Self Help Link option lets you configure a self-help link that will appear on the OSD Connect window. When users click this link, they are automatically connected to a specific desktop that can be used as a corporate resource—for example, a desktop containing IT help information. After enabling this option, you then configure all the necessary details to automatically log users in to the desktop that you specify. You also configure the link text that you want to appear on the Connect window.

Enable Self Help Link Options

When you enable this field, the following options appear:

Parameter Description

Connection Server

Enter the fully-qualified domain name of the connection server brokering the desktop (e.g., a PCoIP Connection Manager for a PCoIP Connection Manager session connection type, or a View Connection Server for a View Connection Server session connection type).

Port

By default, port 443 is used to communicate with the connection server. If your network is set up to use a non-standard port for secure connections, enter the port number.

Username

To password protect the self-help desktop, enter a username in this field.

Password

To password protect the self-help desktop, enter a password in this field.

Domain

Enter the domain name for the self-help desktop (e.g., mycompany.com).

Pool Name to Select

Enter the pool or desktop name for the self-help desktop.

Note: This field is case-insensitive. For Tera1 zero clients, this parameter is called Desktop Name to Select.

Link Text

Enter the text that you want to appear as hyperlinked text on the Connect window.