VMware Cloud Community
CyberV
Contributor
Contributor
‎03-09-2009 01:13 PM

How restrict access to VMware Virtual Center (also ESX server) - Welcome Page - by subnet ?

Hi all !

Is there a way to restrict the access to the "Welcome Page" on Virtual Center and also the ESX server to a particular subnet ?

We control most of our Web server with Apache using "Allow from 10.xxx.xxx.xxx/24" preventing students accessing "sensible" website. How can I do the same with Virtual Center and also the Welcome Page on the ESX server ?à

Please help !

0 Kudos
3 Replies
admin
Immortal
Immortal
‎03-09-2009 02:42 PM

You could put an external firewall in front of them and use that. Otherwise you can modify iptables on the esx server (esxcfg-firewall is the management script for it provided by VMware) and either an IPsec policy, or a 3rd party firewall, on the VC server.

0 Kudos
CyberV
Contributor
Contributor
‎03-09-2009 03:04 PM

A solution directly "integrated" with Tomcat/Apache will be the best for me. Instead to add more rules to the firewall ....

0 Kudos
admin
Immortal
Immortal
‎03-09-2009 06:11 PM

Well that's cool for the ESX host, just configure iptables. Tomcat is the webserver on VC so you can probably use standard Windows Tomcat IP address restriction, but I've only done this on a Linux server. Or, as I said, use the Windows firewall on the VC server.

http://tomcat.apache.org/tomcat-4.1-doc/config/valve.html

IMO better to have your IP address filters all in one place but if you prefer distributed then that's your choice.

0 Kudos