VMware Cloud Community
NYCHawk
Contributor
Contributor
‎04-22-2009 12:13 PM

Need Advice For Accessing (via Internet) Internal VM's

Hello;

I am looking to access vm's within my ESX server over the Internet, SSL at the minimum, but preferred through RSA/SecurID as well.

I would like if my users, once logged in, are able to see an icon or link to just their VM, as well as any other VM deemed appropriate for them.

I am trying to stay away from using Citrix as this product is only availble as an appliance; my needs are for less than 12 users, though right now only required for 4.

Ideally, I would factor in AD authentication as well.

Does anyone have any thoughts or suggestions?

Thanks!

0 Kudos
4 Replies
francisco1844
Contributor
Contributor
‎04-22-2009 01:05 PM

I am not sure if what you are looking for even exists. Sounds as if you wanted your users to see a dynamic list of machines to which they could login.

In particular where you write:

>once logged in,

Once they login, I would think they would be in one of the machines at that point.

One possible solution may be logmein. I only have access to one machine, but I believe there is some way to have logmein use AD authentication and to have a list of machines to which a given user can login.

Just a though..

Francisco...also from NYC.

0 Kudos
runclear
Expert
Expert
‎04-22-2009 01:10 PM

1. VPN Access

2. Grant each user Access to their VM

3. Hook them up with a VI Client, and let them log in. (the will only see their VM and will only be able to do with the vm as the permissions you set to their account in vc)

OR

What about RDP over SSL?

-

www.virtualpimpin.com

-------------------- What the f* is the cloud?!
0 Kudos
Dave_Mishchenko
Immortal
Immortal
‎04-22-2009 08:33 PM

Do you want the users to access the VM as in use RDP or VNC to access the desktop or do they need to have management rights over the VM (i.e. start / stop)?

If they need to management the VMs, you could use permissions and roles to do this - http://www.vm-help.com/esx/esx3i/assigning_permissions/assign_permissions.php. VI Client traffic is over http (and port 902 for remote console) but I wouldn't expose the management port directly to the Internet.

0 Kudos
NYCHawk
Contributor
Contributor
‎04-23-2009 06:42 AM

Guys;

Many thanks for the replies. What I am looking for is what Citrix ICA provides, a compressed desktop connection, and the extra benefit of being able to run just a subset/handful of apps is appealing, I just do not want to purchase an appliance to do this and Citrix is now only selling appliances for their Access Gateway product. I have been looking at Thinstall for this purpose, I might need to start reading more on this tool.

My users would be accessing my network via the internet, sometimes on a machine that does not allow you to install software (i.e., internet cafe), the ICA client however can be run at most locations.

I was thinking of running an SSL/SecurID/Apache server, presenting an icon once logged in for only their own VM (and by logged in I mean logged in to Apache not their VM).

What I need is a way for my users to be able to run their desktops via the internet in a very secure and robust fashion. I've thought about RDP over SSL (thanks runclear, great site by the way), but RDP is inherently slow and inefficient.

I am not requiring these users to start/stop their own VM's, at least not right now.

Thanks!

0 Kudos