The Firmware web page allows you to upload a new firmware build to the client.
Figure 1. Firmware Upload Web Page
Table 1 Firmware Upload Parameters
Firmware build filename
The filename of the firmware image to be uploaded. You can browse to the file using the Browse button. The file must be accessible to the web browser (that is, on a local or accessible network drive). The firmware image must be an .all file.
Click the Upload button to transfer the specified file to the device. The web interface prompts you to confirm this action to avoid accidental uploads.
Firmware Upload Process Example
Ensure the client is disconnected from the virtual machine.
Log in to the client Administrative Web Interface (using a password if enabled).
From the Firmware Upload web page, browse to the firmware .all file (for example, tera1x00_rel1-9-v175.all).
Click OK to confirm that you want to proceed with the upload. When the firmware upload completes, the message “Success Flash successfully programmed! You must reset the device for the changes to take effect” appears.
Click Reset. The message “The PCoIP processor will reset on the next host system restart; your changes will take effect then. Are you sure you want to proceed?” appears.
If the client does not automatically reset itself, reset the client manually.
Start the PCoIP session as usual.
The OSD Logo page allows you to upload an image to the device. This image is displayed on the Connect window of the local GUI On Screen Display (OSD) logo.
The VMware View Advanced page includes an option “Use OSD Logo for Login Banner,” which lets you configure whether the OSD logo appears on the login screen instead of the default banner. For more information, see VMware View connection configuration.
Figure 2. OSD Logo Upload Web Page
Table 2 OSD Logo Upload Parameters
OSD logo filename
Specify the filename of the logo image you want to upload. You can browse to the target file using the Browse button. The file must be accessible to the web browser (that is, on a local or accessible network drive).
The 24-bits-per-pixel image must be in BMP format and its dimensions cannot exceed 256 pixels in width and 64 pixels in height. If the file extension is incorrect, an error message appears.
Click Upload to transfer the specified image file to the client. A message to confirm the upload appears.
From the OSD Logo web page, click Browse to locate the target logo file.
Click Upload. The message “Are you sure? This will upload a new logo for the local GUI. This operation may take a few minutes” appears.
Wait for the OSD Logo upload to finish. A message appears to advise if the upload was successful.
Reset the client.
The Certificate Upload page lets you upload and manage your CA root and client certificates. You can upload up to 16 certificates.
The maximum size for a certificate that you can upload from the AWI is 10,239 bytes. You can upload up to 16 certificates providing you do not exceed the maximum storage size of 98,112 bytes. The available storage field lets you know how much space is left in the certificate store.
The PCoIP protocol reads just one 802.1x client certificate for 802.1x compliant networks. Make sure you include all the security information for your PCoIP devices in that client certificate.
Figure 3. Certificate Upload page
Table 3 Certificate Upload parameters
Upload up to a maximum of 16 root and client certificates.
This displays any uploaded certificates. To delete an uploaded certificate, click the Remove button. The deletion process occurs after the device is rebooted. To view the details of a certificate, click the Detail button. These certificates appear as options in the Client Certificate drop-down menu on the Network page.
802.1X Client Certificate
This is a read-only field. It is linked to the Client Certificate field on the Network page.
The following are some general guidelines when using 802.1x authentication. For more information, see certificate management and 802.1x information for PCoIP zero clients on the Teradici support site.
802.1x authentication requires two certificates—an 802.1x client certificate and an 802.1x server CA root certificate.
The 802.1x client certificate must be in .pem format and contain a private key that uses RSA encryption. If the certificate is in a different format, you must first convert the certificate, including the private key, to .pem format before uploading it.
After uploading the 802.1x client certificate from the Certificate Upload page, you must configure 802.1x authentication from the Network page. This entails enabling 802.1x authentication, entering an identity string for the zero device, selecting the correct 802.1x client certificate from the drop-down list, and then applying your settings.
The 802.1x server CA root certificate must be in .pem format, but should not need to contain a private key. If the certificate is in a different format, you must convert it to .pem format before uploading it. This certificate does not require configuration from the Network page.
Both the 802.1x client certificate and the 802.1x server CA root certificate must be less than 10,240 bytes; otherwise, you will not be able to upload them. Some certificate files may contain multiple certificates. If your certificate file is too large and it has multiple certificates within, you can open the file in a text editor, then copy and save each certificate to its own file.
View 5.1 security settings
When you connect a zero client to VMware View 5.1, SSL is enabled by default on the View Connection Server (VCS). If the connection from the zero client is not secure, the VCS may allow, warn, or block the user depending on the VCSCertificateCheck Mode setting on the zero client (default setting is: Warn if the connection may be insecure ).
By default the certificate trust store on the zero client is empty (with the exception of PCoIP root CA certificates for management).
After you upgrade the zero clients to Firmware Release 4.0.x, users can connect to their desktop by accepting the warning and logging in as normal. However, if an IEEE 802.1x certificate has been uploaded to the zero client, but the VCS trusted root certificate has not been uploaded, then the View Connection Server blocks the connection.
To avoid warnings or a blocked connection on the zero client, you must do one of the following:
(Preferred) Upload the VCS trusted SSL root certificate to the zero client. You can do so through the Administrative Web Interface. In this case, the zero client can connect without any warnings (in the VCS address field of the connection dialog, HTTPS appears in green).
(Not Secure) Set the VCS Certificate Check Mode to: Allow the unverifiable connection. You can set this parameter on the zero client Session page using the OSD or the Administrative Web Interface. In this case, all connections are allowed (in the VCS address field of the connection dialog, HTTPS appears in red strikethrough).
To remove previously loaded certificates from the Cisco VXC 2111/2211, and to clear the Trusted View Connection Server list, perform the following steps:
From the Administrative Web Interface, click Upload > Certificates.
From the Uploaded Certificates list, choose a certificate and click Remove. (To remove multiple certificates, repeat this step as required.)
From the Administrative Web Interface, choose Configuration > Session.
Under Advanced Options, in the Trusted View Connection Servers field, click Clear.