VMware Cloud Community
kallischlauch
Enthusiast

vSphere Console Security Risk

Hey everyone, 

We are utilising Foreman for host provisioning, and any provisioned host (VM) can then be accessed through the VMware console.

The vSphere console is accessed as such:
vmrc://<someid>@<vcenter>:443/?moid=<moid>

Eventually the client is connecting to vCenter on port 443. But because of security concerns and past vulnerabilities, it is strictly forbidden to access vCenter broadly (only allow systems that require access, like admin through mgmt network, vROPS, etc.), especially on port 443.


So my question is: how could I allow users to use VMRC without providing access to them directly on port 443?
I was thinking of a load balancer in front of it with strict rules, or bending the VMware console to a different port than 443 (that could be an option).

Anyone else sat in the same boat, or have any ideas?

Kalli
