Hello,
I think that depends on what you plan to do with vCD, if it is a tenant administrator, then I would have no issues with that. If it was a Cloud Admin, they need so much more access to things that a Jump Machine may be the best approach. Unfortunately, I have yet to test anything like vCD behind the VPN but it should work.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
Hello,
Check out vCloud Networking and Security 5.1 Edge SSL VPN Configuration | VMware vSphere Blog - VMware Blogs
Web Resource
The Web Resource function is to provide a secure portal to access web content behind the Edge Firewall. When you open a web connection from the Internet on the port defined in the server settings (i.e. 8443 in our example), you are prompted with a sign-on page to the access portal. It is through this access portal that you first download the SSL-VPN client, but this page can also be used to access other resources defined below.
And yes I bet you can just specify a top level and it will give access to everything below.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
Thanks. I have tried it out on a test web server. I don't see a normal web page unfortunately. Some components missing. Probably my firewall restrictions causing this. Will investigate further.
But what i wanted to ask is - does someone has practical experience using this feature. Let's say - would it be possible to place vCloud Director portal as a web resource there? BTW it's HTTPS.
Hello,
I think that depends on what you plan to do with vCD, if it is a tenant administrator, then I would have no issues with that. If it was a Cloud Admin, they need so much more access to things that a Jump Machine may be the best approach. Unfortunately, I have yet to test anything like vCD behind the VPN but it should work.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
Hi,
OK. Thanks for helping to sort things out.