VMware Cloud Community
DredlinE
Enthusiast
Enthusiast
‎05-22-2014 12:23 AM
Jump to solution

vCNS Edge SSL-VPN web resource

Hello!

Does anybody know what "Web Resource" feature of SSL-VPN Plus portal is used for?

Is it possible to provide an full access to internal perimeter Web servers?

Thanks.

Tags (4)
Reply
0 Kudos
1 Solution

Accepted Solutions
Texiwill
Leadership
Leadership
‎05-23-2014 06:46 AM
Jump to solution

Hello,

I think that depends on what you plan to do with vCD, if it is a tenant administrator, then I would have no issues with that. If it was a Cloud Admin, they need so much more access to things that a Jump Machine may be the best approach. Unfortunately, I have yet to test anything like vCD behind the VPN but it should work.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill

View solution in original post

Reply
0 Kudos
4 Replies
Texiwill
Leadership
Leadership
‎05-22-2014 05:38 AM
Jump to solution

Hello,

Check out vCloud Networking and Security 5.1 Edge SSL VPN Configuration | VMware vSphere Blog - VMware Blogs

Web Resource

The Web Resource function is to provide a secure portal to access web content behind the Edge Firewall. When you open a web connection from the Internet on the port defined in the server settings (i.e. 8443 in our example), you are prompted with a sign-on page to the access portal. It is through this access portal that you first download the SSL-VPN client, but this page can also be used to access other resources defined below.

And yes I bet you can just specify a top level and it will give access to everything below.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
Reply
DredlinE
Enthusiast
Enthusiast
‎05-23-2014 02:51 AM
Jump to solution

Thanks. I have tried it out on a test web server. I don't see a normal web page unfortunately. Some components missing. Probably my firewall restrictions causing this. Will investigate further.

But what i wanted to ask is - does someone has practical experience using this feature. Let's say - would it be possible to place vCloud Director portal as a web resource there? BTW it's HTTPS.

Reply
0 Kudos
Texiwill
Leadership
Leadership
‎05-23-2014 06:46 AM
Jump to solution

Hello,

I think that depends on what you plan to do with vCD, if it is a tenant administrator, then I would have no issues with that. If it was a Cloud Admin, they need so much more access to things that a Jump Machine may be the best approach. Unfortunately, I have yet to test anything like vCD behind the VPN but it should work.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
Reply
0 Kudos
DredlinE
Enthusiast
Enthusiast
‎05-28-2014 02:57 AM
Jump to solution

Hi,

OK. Thanks for helping to sort things out.

Reply
0 Kudos