VMware Cloud Community
clint01
Contributor

Access the esxi server from the internet?

Hi

I don't have a fixed IP address; it is provided by the ISP and may change from time to time.

I would like to set up my ESXi host to be accessible from the internet using the VMware vSphere Client.

For the networking part of getting this to work, I think I need to set up a VMkernel port with the outside IP address of my router and then forward this IP address to the ESXi host. I have two NICs on the ESXi box.

Does anyone have a how-to article on how to accomplish this? If you need any further info, let me know.

0 Kudos
11 Replies
idle-jam
Immortal

I would advise creating a VM with vSphere installed and then accessing it with VPN software like OpenVPN or TeamViewer.

0 Kudos
clint01
Contributor

Thanks. The reason I want to be able to get access to it over the internet via the VMware vSphere Client is that if there is a problem with the firewall VM or something else goes wrong, I won't be able to get to those VMs at all.

I definitely need the ESXi host to be accessible directly via the internet, but I will give it a very strong password.

0 Kudos
DSTAVERT
Immortal

Your router has the only Internet routable IP address? Could you be a little more descriptive with what you need to accomplish? Draw it out on a piece of paper if necessary and capture the image.

-- David -- VMware Communities Moderator
0 Kudos
idle-jam
Immortal

Why not just put your ESXi host IP as the DMZ zone from your router/firewall? Then your host will be naked on the internet.

0 Kudos
clint01
Contributor

Hi

So what I have is a router which connects to the internet.

The network cable connects from the router to the NIC of the ESXi host, so this will be my physical route to the ESXi box.

I would think I need to place my router in bridged mode so it passes connections straight through to the ESXi server.

What should happen is that from the VMware client I put in the external IP address I have been given and it should open up a connection to the ESXi host.

I know this can be done, I am just not sure how to go about doing it.

0 Kudos
idle-jam
Immortal

You will need to put the IP address of the ESXi as a DMZ host in the router. Try logging into the router and see if you can find any DMZ settings ...

0 Kudos
clint01
Contributor

Thanks idle-jam, I will try that tonight and let you know how it goes.

0 Kudos
ldelloca
Virtuoso

Another option could be to use Port Address Translation (PAT) and map the needed port of the ESXi to the public IP of the router. Basically every kind of router, even the cheapest ones, can do this.

Anyway, to me it seems a security hole to put the ESXi console or its SSH service directly on the internet. I think it's far better to tunnel it into a VPN.

Luca.

Luca Dell'Oca | vExpert 2011-2012-2013-2014-2015-2016-2017, VCAP-DCD, CISSP #58353 | http://www.virtualtothecore.com | @dellock6 | http://www.linkedin.com/in/lucadelloca | If you find this post useful, please consider awarding points for "Correct" or "Helpful"
0 Kudos
DSTAVERT
Immortal

Managing this way will be extremely difficult at best. Do you only have the ESXi host (other than the router) at the remote location? Will the guest VMs be in a private network? I would draw this out and post a picture of what it is that you expect to have when you are done.

-- David -- VMware Communities Moderator
clint01
Contributor

Sorry, I don't have a scanner, but if you can imagine someone wanting to use the VMware client to connect to the ESXi box from an external location, that is what I want to do.

I would have thought there would be some tech docs on getting this done somewhere.

0 Kudos
FredPhillips
Contributor

You will need to forward TCP ports 443, 902 and 903.

Here is a list of other ports, but these are the ones you need for the client.

http://www.virtualinsanity.com/wp-content/uploads/connections-ports-esx.pdf

Your external IP will rarely change, but there are many dynamic dns services out there like

dyndns.org (now you have to manually log in once a month)

freedns.net (slow updates, but very easy)

0 Kudos
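
Whichever approach from this thread is used (DMZ host, port forwarding, or a VPN in front of the host), it is worth confirming from an outside connection what the router really exposes. The following is an added example, not code from any poster in the thread: it checks the three vSphere Client ports listed above and separates "open" from "closed" (refused) and "filtered" (no answer). The host name `esxi.example.net` is a placeholder for your own dynamic DNS name or external IP.

```python
import socket
import sys

# TCP ports named in the thread as needed by the vSphere Client.
CLIENT_PORTS = (443, 902, 903)


def check_port(host, port, timeout=2.0):
    """Return 'open', 'closed', 'filtered' or 'unresolved' for one TCP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # something accepted the connection
    except socket.gaierror:
        return "unresolved"        # dynamic DNS name did not resolve
    except ConnectionRefusedError:
        return "closed"            # reachable, but nothing forwarded/listening
    except OSError:
        return "filtered"          # timeout or unreachable: dropped on the way


def audit(host, ports=CLIENT_PORTS, timeout=2.0):
    """Map each port to its state as seen from where this script runs."""
    return {port: check_port(host, port, timeout) for port in ports}


def exposed(results):
    """Ports that accept connections from this vantage point."""
    return sorted(p for p, state in results.items() if state == "open")


if __name__ == "__main__":
    # Placeholder host name (assumption); pass your own as the first argument.
    host = sys.argv[1] if len(sys.argv) > 1 else "esxi.example.net"
    results = audit(host)
    for port, state in results.items():
        print(f"{host}:{port} {state}")
    if exposed(results):
        print("Management ports reachable from here:", exposed(results))
    else:
        print("No vSphere Client ports reachable from here.")
```

Run it from a network outside the router (for example a mobile hotspot): with a VPN in front of the host, all three ports should report closed or filtered until the tunnel is up.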