In some circumstances where firewalls devices are blocking VMware View traffic, or when other network service is already making use of the VMware View default network ports you may be required to change the ports in use. Another reason for a View port change would be when an organisation have standard procedures to change default application’s port for security reasons.
Before starting, a quick note – Teradici has registered port 4172 with IANA and this is the official PCoIP port moving forward. So, from 50002 to 4172 (both TCP/UDP).
Modifying PCoIP Ports
PCoIP ports can be changed using the PCOIP.ADM templates provided with VMware View Connection Server or via a registry change at GuestOS level. If you need more information please refer to View Administrator Guide.
Please note that ADM templates are technically not officially supported by VMware.
Modifying View Connection and Security Server Ports
VMware View 4.0 and 4.0.1 run on Apache Tomcat/6.0.20 and the default HTTP/HTTPS ports configured are as per default 80/443.
The HTTP/HTTPS listener is part of the sslgateway component, which also supports SSL tunnelling. To configure the listening port, create or edit the file %programfiles%\vmware\vmware view\server\sslgateway\conf\locked.properties
The “locked.properties” file needs to be created or copied to each connection or security server in your organisation. The contents of the file should reflect the following:
- clientProtocol=https—Indicates that the client will use HTTPS.
- clientHost=view-ext.ese.com—Indicates that the client will connect on the tunnel phase (second phase) to the DNS name that resolves to server.
- clientPort=443—Indicates the port the client will use to connect. This entry seems redundant because the clientProtocol field is already there, but the VMware documentation states that if this entry is not defined, the client will use whatever is defined in the serverProtocol field, which will be 80.
- serverPort=80—Indicates the port that will be used to connect to the Connection Server.
- serverProtocol=http—This entry is not needed because HTTP is the default, but is included here for clarity.
Add or edit “serverPort=xx”, where xx is the port number you’d like to use.
You will need to stop and restart the View Connection Server service (or reboot) in order to switch the listening port. And don’t forget to change any firewall rules appropriately.
Next you should look in the debug log for a line like this: “Server listening port: xx”, where xx is the currently configured listening port. Finally if you want HTTP address to be automatically redirected to HTTPS you need to add “httpRedirectURL=https://server:8181″ in the same file.
Modifying View Connection Ephemeral Ports
An ephemeral port is a short?lived endpoint that is created by the operating system when a program requests any available user port. The operating system selects the port number from a predefined range, typically between 1024 and 65535, and releases the port after the related TCP connection terminates.
You might want to increase the number of ephemeral ports if your View Manager deployment is likely to use more than 800 concurrent client connections; another reason to modify ephemeral ports would be to change the range restriction for a multi-site distributed environments where firewalls rules would have to be applied or revoked.
By default, you can create a maximum of approximately 4,000 ephemeral ports that run
concurrently on Windows Server 2003 but the VMware View Admin Guide 4.0 covers the subject in more detail and provides a formula to calculate the number of ephemeral ports.
To modify ephemeral ports you must open the registry and change on each of the VMware Connection or Security servers available in your environment.
Value Name: MaxUserPort
Value Type: DWORD
Value data: 1024 + <calculated number of ephemeral ports>
Valid Range: 5000-65534 (decimal)