5 Replies Latest reply on Apr 27, 2018 2:29 AM by fardin01

    Configure Nginx to reverse proxy VMRC traffic

    fardin01 Lurker

      When I redirect port 443 and 902 directly to my ESXi host, the web client works fine as well as VMRC. When I proxy port 443 via nginx the web client works fine (inducing the browser console) but VMRC connection fails. Port 902 is directly redirected to ESXi.

       

      Can anyone let me know what protocol VMRC uses? Or what the architecture is?

        • 1. Re: Configure Nginx to reverse proxy VMRC traffic
          CQuartetti Hot Shot
          VMware Employees

          VMRC's control plane connection uses HTTPS over port 443 by default, but it can be any port number--vSphere may use 9443. The data plane connection uses a custom protocol over port 902 by default, but again, the server can configure any port number.

           

          Internal ticket 1983585 is tracking connecting through vRA with a proxy, but this may not affect you.

           

          Can you make a proxied connection using VMRC 9.0? What's your host OS?

          • 2. Re: Configure Nginx to reverse proxy VMRC traffic
            fardin01 Lurker

            Thanks for your reply.

             

            I can't make a peroxied connection using VMRC 9.0. Direct connection still works fine.

             

            I have ESXi 6.5 running on a HP server, and the VM I'm trying to connect is WS 2012 R2.

             

            1.PNG shows how I launch VMRC. 2.PNG shows what I get when connection is proxied.

             

            Below is the portion of nginx.conf file that proxies the traffic to the correct server:

             

            server {

                    listen       443 ssl;

                    server_name  esxi.******.com;

             

                    ssl_certificate      certificate.crt;

                    ssl_certificate_key  private.key;

             

                    location / {

                           allow all;

                           proxy_set_header Host $host;

                           proxy_set_header Connection "upgrade";

                           proxy_set_header Connection $http_connection;

                           proxy_pass https://192.168.0.102;

                          

                           # WebSocket support

                           proxy_http_version 1.1;

                           proxy_set_header Upgrade $http_upgrade;

                    }

                }

            • 3. Re: Configure Nginx to reverse proxy VMRC traffic
              CQuartetti Hot Shot
              VMware Employees

              Ok, looks like you're running VMRC on Windows. Not that this helps you, but internal ticket 1815860 is tracking this issue where VMRC doesn't give an accurate error message in some cases. If you have Workstation available you may see this

               

              Failed to connect to xxx. The proxy could not be resolved.

               

              instead of this message from your 2.png attachment

               

              Failed to connect to xxx. Invalid or expired session ticket.

              • 4. Re: Configure Nginx to reverse proxy VMRC traffic
                jskenney Novice

                Attached is my nginx configuration files that work for remote access via the web into a vSphere server, including VMRC.  The nginx.conf sets up the ports, the esxi file is the "site" config.  In my example 192.168.2.41 is the ESXi server, and example.com is the website (and link for ssl certs).  Hope that helps, it took a while for me to generate a configuration that would allow for the console and for file uploads.

                • 5. Re: Configure Nginx to reverse proxy VMRC traffic
                  fardin01 Lurker

                  You sir, have a special place in heaven! Thank you very much.