Tera2 PCoIP Zero Client Firmware 5.5.2 Release Notes

Release Overview

PCoIP Zero Client Firmware 5.5.2 is a firmware for Tera2 PCoIP Zero Clients (not PCoIP Remote Workstation Cards).

This release provides security and bug fixes over release 5.5.1. These release notes provide a summary of key feature additions, compatibility notes, resolved issues, and known issues for this release.

What's New in This Release

Removed AES-128 in PCoIP session

PCoIP sessions can only be encrypted with AES-256

Important Notes and Requirements

  • PCoIP Management Console 2.x cannot detect or manage devices on firmware versions prior to version 5.0. If upgrading from firmware 4.x, then either the zero client AWI or PCoIP Management Console 1.10.3 to 1.10.x must be used to upgrade the zero client to firmware 5.x.
  • Zero clients on firmware 5.x can only be managed by PCoIP Management Console 2.0 or higher. PCoIP Management Console 1.x cannot detect or manage devices on firmware 5.0 or higher.
  • Zero clients being upgraded to firmware 5.x from a 4.x release must first be upgraded to firmware 4.7 or 4.8.
  • This download includes a file identified by the .all extension specifically for use by the Administrative Web Interface (AWI) and a file identified by the .pcoip extension specifically for use by PCoIP Management Console 2.x.
  • This .pcoip file contains zero client firmware 5.5.1 for Tera2 PCoIP Zero Clients only.

Release Downloads

Related Documents and Software

Release History

5.5.2May 2019General Availability Release
5.5.1May 2017General Availability Release


Compatibility NotesWorkstationVMware HorizonAmazon WorkSpacesTeradici Cloud Access Platform
This release is compatible with VMware Horizon 7.1, 7.3, 7.4, 7.7 and 7.8. It is also compatible with one major release of Horizon prior to this. Other versions of Horizon may also be compatible, but will need to be verified in your specific deployment environment. Certification status of zero clients should be obtained from VMware’s HCL. See KB 1618 for more information on VMware Horizon certification and compatibility.

PCoIP Connection Manager for Amazon WorkSpaces 1.0.2 or higher is required in order to connect to Amazon WorkSpaces.Use of Amazon WorkSpaces with hourly billing requires the PCoIP Connection Manager for Amazon WorkSpaces 1.0.5 or higher.

Management requires a compatible endpoint manager such as PCoIP Management Console release 2.0 or higher.
While mixed firmware release operation is not generally supported, this firmware release has been tested to work with Remote Workstation Cards on Remote Workstation Card firmware 4.9.0.Note: Using Zero Clients on this firmware release to connect to Remote Workstation Cards may require you to use both versions of PCoIP Management Console: version 2 to manage the zero clients, and version 1.x to manage Remote Workstation Cards until such time as there is a Remote Workstation Card firmware release that is supported by PCoIP Management Console 2.0 or higher.X

This release has been tested against Imprivata OneSign 5.2 with VMware Horizon 7.1.

This release has been tested with the Leostream Connection Broker version 8. It is not compatible with earlier versions of the Leostream Connection Broker.Note: After upgrading from PCoIP Zero Client Firmware 4.x to 5.x, the session connection type for the zero client must be changed to PCoIP Connection Manager, with the address of the Leostream Connection Broker. Also ensure the Leostream Connection Broker has had ‘Enable TLSv1.1 protocol’ enabled in the Connection Broker Security Options section of the Connection Broker > System > Settings page.XX
Supported browsers are Firefox, Chrome, Internet Explorer 11, and Microsoft Edge. Versions of the browsers tested are those that were available prior to release.Web browsers must support TLS 1.1 or higher to connect to the administrative web interface (AWI).

Resolved Issues


Known Issues

Certificates with unreadable DNs are not logged | 75044

Certificates with unreadable Domain Names (DN) will not be logged if the firmware is unable to match any certificates against known CAs.

Stylus cannot wake up display. | 74801

If the display goes to sleep, the stylus on a Wacom tablet cannot be used to wake it up.


Use mouse or keyboard to wake up display.

VCS Communication error with SC650 BLADE and Horizon 7.5 | 72839

VCS Communication Error is encountered when an SC650 blade smartcard is used to authenticate with a VCS Horizon 7.5.0. This is not an issue with Horizon 7.4 or earlier.


Recommendation is to not upgrade to Horizon 7.5 at this time.

View Connection Server (VCS) requiring smart card authentication with VCS disclaimer dialog open can cause crash | 72655

A crash can occur when connecting to a View Connection Server (VCS) requiring smart card authentication  while having a VCS disclaimer dialog open but no smart card is used. This has been observed with firmware 5.5.1, 6.0.0, and 6.1.0 when connecting to Horizon 7.4 or 7.5. This is not an issue in firmware releases prior to 5.5.1 connecting to Horizon 7.4 or 7.5, or Horizon releases prior to 7.4 when used with firmware versions 5.5.1 or higher.


Options to workaround:

  • Ensure a smart card is inserted at login
  • Disable disclaimer

Zero client in Auto Detect crashes upon receipt of invalid certificate chain | 71136

The zero client may crash with the error: {quote}0d,00:00:00.00> LVL:1 RC:   0        MGMT_SYS :*** CRITICAL ERROR CONTEXT DUMP ***

0d,00:00:00.00> LVL:1 RC:   0        MGMT_SYS :Reset cause: SOFTWARE {quote} when it is is configured for either one of the VMware Horizon connection types, or Auto Detect, and is presented with an invalid certificate chain (such as one containing duplicate entries).


Verify and correct the certificate chain.

Client Certificate field is cleared when a Management Console profile contains two certificates | 69127

Client Certificate field is cleared when a Management Console profile contains two certificates and the zero client is configured to obtain an 802.1x certificate via SCEP.

Recent versions of Google Chrome no longer trust the PCoIP certificate | 68436

Google Chrome does not trust zero client and remote workstation card certificate. (versions this is verified on are versions 63.0.3239.84 and 65.0.3325.181.

It reports {quote}This server could not prove that it is ###.###.###.###; its security certificate does not specify Subject Alternative Names. This may be caused by a misconfiguration or an attacker intercepting your connection. {quote}

Certificates with long subject names populated using the Cyrillic alphabet cannot be parsed by the zero client. | 68434

Certificates with long subject names populated using the Cyrillic alphabet cannot be parsed by the zero client.


Use a shorter subject name in the certificate.

Zero Client cannot establish a PCoIP session after Qualys scan | 65940

Zero Client is unable to establish a PCoIP session after some Qualys scans.


Disable the Administrative Web Interface will sove this issue.

For all security conscious customers, we recommend disabling the Administrative Web Interface.

Incorrect error presented when certificate uploaded via AWI | 65165

When uploading a certificate via AWI, even though the certificate is uploaded into the certificate store the following error may be displayed: Error. The upload did not complete. Please try again.


Verify the certificate is in the certificate store. If it is, ignore the error.

Disconnect from an unlicensed PCoIP Agent provides no notification | 64378

There are cases where a user attempting to connect to a Cloud Access Software desktop will be disconnected without a notice or error message if the desktop does not have a valid license.

Zero clients may reboot if a Nessus scan is performed while SNMP is enabled. | 62970

Zero clients may reboot if a Nessus scan is performed while SNMP is enabled.


Disable SNMP on the zero client.

Setting timezone to UTC in Management Console results in UTC+0 Europe/Dublin | 62959

If the Management Console is configured to push the timezone setting of (UTC+0:00) UTC to the zero client, the zero client will set itself to (UTC+0:00) Europe/Dublin or (UTC+0:00) Europe/London. This timezone makes use of daylight savings time. There is no option in the zero client for (UTC+0:00) UTC.


There is no option in the zero client for (UTC+0:00) UTC. However, if UTC+0:00 without daylight savings is required, then (UTC+0:00) Atlantic/Reykjavik can be used instead.

Mouse scroll down causes scrolling up really fast when using Emerson KVM | 62767

Scrolling down on an Emerson KVM scroll wheel causes the active window to scroll up very quickly.

Crestron KVM using absolute coordinates when not expected | 62766

Crestron KVMs may unintentionally use absolute coordinates if absolute coordinates has been configured for another device connected to the zero client.

SIPR token authentication may fail with multiple certificates on card | 62201

The zero client will fail to complete SIPR token smart card authentication against VMware Horizon View when the smart card contains more than two certificates.


Ensure that the card has no more than two certificates.

Change in button timing for entering manual recovery | 61350

Beginning with firmware 5.2.1, the power button sequence to boot a zero client from powered down into the recovery image is:

Press power button once to turn on the client

Wait for one second

Triple tap power button

Zero client boots into the recovery image

From firmware 5.0.0 to 5.2.0, it was possible to triple tap the power button immediately after turning on the zero client. This is no longer supported.

Mouse cursor briefly unresponsive after zero client reboot | 60568

The On-Screen Display's mouse cursor may be unresponsive for a few seconds after a zero client reboot when a web browser is connected to the zero client's Administrative Web Interface.

Zero Client is unable to use IPv6 VMware Horizon View when DHCPv6 is not available | 47650

If the zero client is configured for IPv6, and it cannot connect a DHCPv6 server, it will be unable to connect to a desktop when brokered by an IPv6 VMware Horizon View Connection Server. The zero client displays the message 'CONFIGURATION_ERROR - IPv6 capability required: Your VMware Horizon View Client addressing configuration is not compatible with this View Server...'

Security scanners may report zero client to be susceptible to CVE-2004-0230 | 45883

Security scanners may report that the zero client is susceptible to CVE-2004-0230. This CVE exists in TCP stacks in devices that implement the Border Gateway Protocol. While this is a significant issue for routers that implement the Border Gateway Protocol, it is not a significant issue for zero clients.

Mouse wheel problem occurs with Belkin Advanced Secure Keyboard/Mouse Switch | 42387

Mouse wheel scroll-down does not work while in a PCoIP session. This occurs when the mouse is connected to a zero client through a Belkin Advanced Secure Keyboard/Mouse (KM) Switch. This problem has been observed while using KM models F1DN102K, F1DN104K, and F1DN108K.


On Tera2 Zero Clients, bridge the KM and enable the Force Local Cursor Visible on the zero client Configuration > USB Administrative Web Interface.

Zero client fails to resolve FQDN with a label that starts or ends with an underscore | 40824

A zero client will not resolve an FQDN that begins or ends with the underscore character (for example, _myhost.teradici.local).

Restrict Proximity Card setting does not work with VMware Horizon RDSH | 40754

The Restrict Proximity Card setting does not work with VMware Horizon RDSH sessions when set to disabled.

Enumeration failures with Western Digital portable hard drives | 39419

Western Digital Passport external portable hard drives connected to a zero client internal hub may fail to enumerate.


Connect the drive to a zero client root hub port, or connect the drive to an external hub that is connected to the zero client, then restart the PCoIP session and disconnect/reconnect the drive.

Manual IPv6 gateway address is overwritten on reset | 34901

Although the IPv6 Gateway address is displayed as an editable field on the zero client Administrative Web Interface (AWI), changes to this field are not respected by the zero client firmware. Instead, the IPv6 gateway is determined using IPv6 Router Advertisement.

Configuring a zero client in IPv6 mode to manual addresses and setting the IPv6 Manual Address to the same value as the Link Local Address will make the zero client Administrative Web Interface (AWI) unreachable.


Use the On-Screen Display (OSD) to reconfigure the IPv6 address settings.

Evoluent VerticalMouse 4 does not work when connected behind a hub during active session | 33706

The Evoluent VerticalMouse 4 device does not work if the device is bridged and the user connects the device to a zero client behind a hub (external or built-in hub port) while a session is active.


Avoid plugging the device into a hub port while a session is active or connect the device to a zero client root port. Alternatively, disconnect and reconnect the session after plugging the mouse into a zero client behind a hub.

Elo Touch monitor may lose calibration in OSD after used in bridged mode with certain Elo Multi-Touch drivers | 30150

An Elo Touch monitor connected to a zero client may lose its calibration settings and be unstable in the On-Screen Display (OSD) when the zero client connects to a PCoIP host running certain versions of the Elo Multi-Touch driver, and when the monitor is calibrated using Elo Multi-Touch driver on the host.


Use version 5.5.3 of the Elo Multi-Touch driver. This issue has not been observed with this driver version.

RDR-7L82AKU smart card reader does not work with OneSign 4.9 SP1 HF11 and newer | 22448

RFIDeas RDR-7L82AKU proximity card readers do not detect cards after logging in to a virtual desktop running Imprivata OneSign 4.9 SP1 HF11 or newer.


Revert Imprivata OneSign installation to a version older than 4.9 SP1 HF11.

Gemalto IDCore 3020 smart cards is missing correct driver in Windows 7 | 22315

By default, Gemalto IDCore 3020 smart cards work in pre-session. However, the card does not work while in-session for Windows 7 virtual desktops.


Install the correct driver from a default Windows 7 installation: 1. From the zero client administrative web interface, bridge the smart card reader. 2. Without the smart card inserted, log in to the virtual desktop with username/password. 3. Insert the smart card. Windows 7 should recognize the smart card and reader and automatically install the correct drivers. 4. Log off Windows to disconnect the session. 5. From the zero client administrative web interface, remove the bridge configuration for the smart card reader. 6. Log in with the smart card. The smart card should be fully accessible.

OneSign cannot authenticate after changing Session Connection Type | 21653

After changing a zero client's Session Connection Type from View Connection Server + Kiosk to View Connection Server + OneSign, the Zero Client is unable to negotiate a PCoIP session with VMware View using OneSign authentication.


Restart the zero client.

After display is turned off, screen does not wake up by pushing zero client button | 21484

When the On-Screen Display (OSD) Screensaver timeout expires, it will turn off the display after the end of a PCoIP session brokered by a PCoIP Connection Manager. Clicking the zero client's physical button does not wake the display.

OSD cursor briefly stops responding to mouse input | 21382

The On-Screen Display (OSD) cursor stops responding to mouse input for a few seconds after pressing the Apply button on the AWI USB Permissions page, or while loading the AWI Attached Devices page. It will behave as expected shortly after.

Disconnecting a session with auto-reconnect enabled causes an alert dialog | 21082

With the auto-reconnect feature enabled, users may see an alert dialog briefly on screen before the PCoIP session is reconnected. The message shown is "Unable to connect (0x1001). Please contact your IT administrator." This message can be safely ignored.

Switching between DVI and DisplayPort connectors may cause screen to go blank on HP Z27i displays | 19353

HP Z27i displays connected to a zero client's DisplayPort connectors may not show the remote desktop content when the zero client starts a PCoIP session to a workstation access card, and the card's previous session was from a zero client with displays attached to its DVI ports.

Temporary IPv6 addressing causes failure when connecting zero clients to any soft host | 15923

Zero clients cannot establish a connection to any soft host that has temporary IPv6 addressing enabled.