9 Replies Latest reply on Dec 11, 2011 2:14 AM by AndreTheGiant

    ESXi 5 and VNC

    AndyKnowsBest Lurker



      I have configured my ESXi 5 VMs for VNC - to enable me to VNC to the console for each of the VMs. But I cannot work out how to obfuscate the password, I wonder if anyone can help? I have set it up as follows:


      Stop each VM

      Log in to the ESXi host using SSH

      Add the following to the VM's .vmx file:


      RemoteDisplay.vnc.enabled = "TRUE" 
      RemoteDisplay.vnc.port = "5901"
      RemoteDisplay.vnc.password = "password"

      When I restart the VM, I see that the following line has been added to the .vmx file


      RemoteDisplay.vnc.key = "long random string blah blah blah......."


      Now, when I try to connect to the server using a VNC client, I am not being allowed in. It is not asking for a password, it is showing me a blank screen.


      Specifically, I am not sure if the password is working (I think this config element is deprecated in ESXi 5) and so I am not sure whether the key is my password hashed, or if it is some random password and I should generate my own key and populate the field. I would like to know how to generate the key - there is an article which details this, but when I click the link it sends me to a redirect loop. Does anyone have the details?


      Secondly, why is my connection not working? I am trying to connect from a local machine. No firewalls should be getting in the way.


      Any ideas?



        • 1. Re: ESXi 5 and VNC
          Troy Clavell Guru

          thread moved from VMware Server 1 Community to VMware ESXi 5 Community

          • 2. Re: ESXi 5 and VNC
            AndyKnowsBest Lurker



            Thanks for that, and apologies for posting to the wrong forum. I was not paying attention at all, sorry.



            • 3. Re: ESXi 5 and VNC
              Dave.Mishchenko Guru

              Have you opened a firewall port on ESXi to allow for this traffic?

              • 4. Re: ESXi 5 and VNC
                AndyKnowsBest Lurker



                That is a very good question, and the answer is "no". This is a new feature in 5 I think. In 4.x there was no firewall?


                Anyway, I have opened vSphere client and am looking at the Security Profile for the host and can see that there does not seem to be a way to add services or ports. Does this indicate that I should have done something to add the VNC service to the list of services/ports (so that I could enable it here)? Or do I need to use the command line to add a service?


                Is VNC automatically running on ESXi 5? Is it not, and that is why it does not appear in the service/ports list?



                • 5. Re: ESXi 5 and VNC
                  AndreTheGiant Guru

                  Are you sure that is supported on ESXi 5?


                  I've see in kb.vmware.com/kb/1246 that was working only on GSX 3 (aka the old VMware Server) and also that

                  Note: VMware does not support running virtual machines with a VNC client.

                  • 6. Re: ESXi 5 and VNC
                    AndyKnowsBest Lurker

                    I have seen various posts about getting this working with ESXi 5. It seems that it does work.


                    I think the sequence is something like:


                    1. Edit .VMX file to add remotedisplay settings


                    2. Edit service.xml to add firewall rules


                    3. Do something to make these persistent after ESXi boot - as we are editing files on a memory resident file system, so they will disappear after boot.


                    I will be trying this at some point, and will report back here with exact steps and whether or not it works.


                    I know it is not supported. But as a Linux user, I don't really want to have to boot up a Windows VM (on VMWare Player on my laptpop) to run VMSphere Client to connect to the machines consoles. Of course I can configure VNC within the VM, but it is a pain as I am running different OSs so the setup will be different for each, which seems a pain.


                    An alternative, of course, would be to find a nice Linux VM management application or some such, but there don't seem to be any.



                    • 7. Re: ESXi 5 and VNC
                      geneC Lurker

                      Look at vCenter Server Appliance and the FlexUI that vCenter's web interface allows.  As always, there are limitations on both (including needing at least Essentials).

                      • 8. Re: ESXi 5 and VNC
                        AndyKnowsBest Lurker

                        I had not seen vCenter Server Appliance, it looks very interesting in general.... but not for me right now where I am using the free ESXi. Still, at work, where we have paid licensing, that will be looked into.


                        I still have testing the VNC and firewall updates direct to the ESXi server through SSH on my to do list. And will report back on those...



                        • 9. Re: ESXi 5 and VNC
                          AndreTheGiant Guru

                          You configuration works, but you need to open the firewall on ESXi...


                          First step is build a new rule like this:

                          ~ # cat /etc/vmware/firewall/vnc.xml
                           <!-- Firewall configuration information for VNC -->
                              <rule id='0000'>
                              <rule id='0001'>


                          Then you can refresh the firewall rules and check that the new one is correctly loaded:

                          ~ # esxcli network firewall refresh
                          ~ # esxcli network firewall ruleset list | grep VNC
                          VNC                    true