you can also port forward the Port number for RDP to the dedicated virtual machine you want to access from internet.
Craig
vExpert 2009
Welcoem to the Forums - What are the Reps using these VMs for? How did you reps access the machines when they were physical? I would just treat the VMs the same way - the reps used VPN software to securely access your network and then use an RDP client do it the same way -
If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Treat VMs as physical machines in this case. Think about vSwitch as usual unmanaged L2 switch with internet uplink and set router according to this.
---
MCSA, MCTS, VCP, VMware vExpert '2009
We wish for our reps to be able to access our erp system. They currently don't have any access. VPN access is certainly something I'd look at, although it does add a layer of complexity.
Cheers
Ian
Thanks for the reply.
I'm sorry, I forgot in my orignal post to mention our network layout. We have a private internal network and a seperate 'public' network where the router is located. They are connected via an gateway server which controls internet access. The ESXi box has two NICs one on each network with the relavent virtual switches. The management network is on the private network.
For a while now we have had a VMserver box running with this configuration and the ports 902, 903, 8333 & 8222 forwarded from the router. Could I add a management network to the 'public' network on the ESXi server and then redirect the above ports to the new management network's IP address? Would this be secure?
Thanks in advance.
Ian
PS My apologies marking this question answered.
Thanks for the reply. We will being using more than one VM from ther internet at any one time.
Cheers
Ian
Could you post a diagram of your network with used protocols?
---
MCSA, MCTS, VCP, VMware vExpert '2009
Hi,
Thanks for your reply.
Please find attached a diagram of our network. I'm not sure which protocols you mean. The network is pure IP, with both TCP/UDP packets. The traffic on the internet side is principly SMTP, HTTP, DNS. Internally it's would include these plus MS/MSQL, SMB, plus others.
Cheers
Ian
It depends on how do you want to access your VMs from Internet. Now all your VMs can be accessed from intenet very easily - you just need to add second virtual NIC and connect it to vSwitch with NIC2.
But that would be pretty insecure. So I suggest to connect NIC2 to Internet Connection Server and publish ports with forwarding.
---
MCSA, MCTS, VCP, VMware vExpert '2009
The ADSL router has a firewall in it. If I added a second virtual NIC and connected it to vSwitch with NIC2 and forwarded the relavent ports in the router, would this be secure?
Which ports would I forward?
Thanks again
Ian
>and forwarded the relavent ports in the router, would this be secure?
Yes.
>Which ports would I forward?
Which ports do you need to forward? Actually you don't want to put VMs to Internet, you want some service be accessible from Internet, so it all depends on what services do you want to publish.
---
MCSA, MCTS, VCP, VMware vExpert '2009
Thanks for all your help.
I need our external reps to be able to operate their Vm's from the internet, so they can use our ERP system.
Cheers
Ian
I have been reading post for a day now tring to get my webserver VM and this one seened close to my poblem. I am very new with VMware and This seems to be my problem too.
I want port 80 to be open to the internet and I am unsure how to get this to happen
If you could go in more detail to get to work. I would be very greatful
harry