I have been searching and reading articles and posts regarding vms in DMZ and have not found an answer to our (soon to be) environment that we are planning. I understand about segregating DMZ vms to a seperate virtual switch and making sure the SC is on a different virtual switch attached to the private management network. But what about the vCenter server? We need admin users to be able to access the vms in the dmz from both inside the private network and from outside via the Internet.
If you could enlighten?
Thanks
Don
Usually VC is in the same network of the ESX SC.
To access VC without have direct access to management network you can use: NAT, VPN, dual-homed VC, reverse proxy, ...
IMHO I prefer VPN solutions.
Andre
**if you found this or any other answer useful please consider allocating points for helpful or correct answers
Usually VC is in the same network of the ESX SC.
To access VC without have direct access to management network you can use: NAT, VPN, dual-homed VC, reverse proxy, ...
IMHO I prefer VPN solutions.
Andre
**if you found this or any other answer useful please consider allocating points for helpful or correct answers
I agree with Andre - VPN is the way to go.
Wow, does this blow. This is exactly how I proposed and had a test setup (with openvpn) and the decision makers said no that would be too insecure. They wanted to use MS-TS until the cost figures for licenses started getting thrown aroud. Go figure.
Thanks for your input, Andre
Don
This is exactly how I proposed and had a test setup (with openvpn) and the decision makers said no that would be too insecure.
OpenVPN could be a very good solution. Only one port, firewall aware, NAT aware.
(to be honest also other SSL tunnel solution could be fine as well).
Andre
**if you found this or any other answer useful please consider allocating points for helpful or correct answers