Here's my network topology:
WHAT I WANT OT ACHIEVE: access virtual machines from remote network, be able to manage them through vCenter Server, run them, and see vms consoles (what's happening inside every vm, as I can see this in my local network).
WHAT I HAVE SO FAR: at the moment Im able to successfully connect from my computer in the remote network to vCenter Server, which is a virtual machine on one of my ESXi hosts. vCenter Server is the VM on ESXi 1, its IP address is 172.16.254.112/24.
WHAT I DID: I forwarded some ports on my JSRX router, forwarded 184.108.40.206:443 to 172.16.254.112:443, used this:
set zones security-zone trust address-book address accessvsphere 172.16.254.112/32
edit security policies from-zone untrust to-zone trust
set policy vspherepolicy match source-address any destination-address [ accessvsphere ] application any
set policy vspherepolicy then permit
edit security nat destination
set pool dst-nat-pool-vsphere address 172.16.254.112 port 443
set rule-set rs1 from zone untrust
set rule-set rs1 rule myrule1 match destination-address 220.127.116.11
set rule-set rs1 rule myrule1 match destination-port 443
set rule-set rs1 rule myrule1 then destination-nat pool dst-nat-pool-vsphere
edit security nat
set proxy-arp interface ge-0/0/0.0 address 18.104.22.168
And it works great, I can connect to vCenter Server, but then I try to launch virtual machine, I see only black screen and the message:
Unable to connect to the MKS: Failed to connect to server 172.16.254.11:902.
I read that vCenter Server need also port 902 and 903 for full connectivity but have no idea how to do this further. Which ports I need to forward, and - how?
are you using VI client? Try installing VI client in some other machine and open VM console.