WMS, Public IP, File Server, VPN – What are we doing wrong?

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #82337
    jayfromthebay
    Participant
    • Total Post: 7
    • Newbie

    Hello there,

    we are currently running several on premise WMS (free edition, ~ v2.x) throughout the group with an estimated ~150 clients. All clients are 5070 (most of them with PCoIP) running on ThinOS 8.6.013, 8.6.111 and 8.6.303.

    As the users want to take their ThinClients home, we are now trying to roll out a new WMS, which is accessible via public IP, has all the configs for the different subs, and automatically transfers the VPN configs needed, to access MS Terminalservers via Brokers from home.

    So far, we installed Win Srv 2019 Std. on a VM, gave it a public IP, a FQDN, opened Ports 443/1883 TCP, installed WMS 3 (free edition) and entered the exact same configs, we have on the on premise WMS installations.

    Our first attempt to point a ThinClient to the new WMS failed instantly. It does seem to connect to the WMS, but nothing else happens. The logs on the TC say, that the fileserver couldn’t be validated.

    tc logs

    In our config, we checked “no global ini” on the advanced tab. Also we unchecked DNS-SRV.
    We didn’t configure anything else in the advanced section though – do we need to do this?

    Also even though there seems to be a (limited) way to enter VPN Credentials on the TC itself, we couldn’t find any settings for WMS Policies. Do these have to be handwritten into an .ini? Is there a guide, which could help us? We couldn’t find anything on this topic. We are using Sophos SG 210s with latest UTM. Maybe someone has a readymade config for us?

    @CG: You keep referring to a WMS Admin Guide – but where do we find it? There is a ThinOS Admin Guide and a WDM Guide in your Downloads section. Maybe I just need some sleep.

     

    Cheers

    J

    #82363
    ConfGen
    Keymaster
    • Total Post: 10696
    • Jedi Master
    • ★★★★★★★

    1. you can ignore the “Fileserver” message. It is informational only.
    2. the message should get away after the second boot
    3. ThinOS uses OpenVPN. If your Sophos server is OpenVPN (OpenConnect) compatible, then you should be able to connect
    4. ThinOS VPN only supports username/password authentication. Nothing else is possible.
    5. Yes, VPN Connection has to be configured in the Advanced section with INI parameters.

    CG

    #95971
    carlos.santos
    Participant
    • Total Post: 3
    • Newbie

    @jayfromthebay,

    I have the same demand.
    I managed to make my wyse 3040 ThinOS 9.1, connect with my WMS. He manages to load policies.
    I’m trying to do the reverse. The WMS send Commands and Connect via VNC with ThinClient, however I am not having answers.

    Did you succeed?

    #100847
    ConfGen
    Keymaster
    • Total Post: 10696
    • Jedi Master
    • ★★★★★★★

    Is your WMS and TC in the same subnet or is it a remote setup?
    If remote, is your WMS server in the DMZ? Is the server FQDN resolvable from the internet?
    Are ports 443 and 1883 accessible from the internet?

    CG

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.