Accessing vCenter in VMware Cloud on AWS SDDC from the Internet

Satya Shrestha

August 29, 2020

Like any other SDDC or vSphere environment, a VMware Cloud on AWS SDDC is managed and administered from VMware vCenter Server. vCenter Server provides a centralized and extensible platform for managing virtual infrastructure. It manages VMware vSphere environments, giving IT administrators simple and automated control over the virtual environment to deliver infrastructure with confidence.

VMware Cloud on AWS

By default, the vCenter Server in a VMware Cloud on AWS SDDC is not publicly accessible over the internet. However, in many situations we may need to access it through the internet. Here are the step-by-step instructions and video on how to do that:

1. Log on to VMware Cloud Console and open up the SDDC console.

2. Click on View Details on the main SDDC Dashboard. In VMware Cloud on AWS SDDC, all the NSX-T related network management tasks are located in the Network and Security tab. Click on the Network and Security tab and click on Gateway Firewall.

3. Since we are about to add a firewall rule for vCenter (which is a management appliance), click on "Management Gateway" to modify the firewall rules for management appliances.

4. By default, all inbound traffic to vCenter in the SDDC is configured to be dropped. The above screen shows the default firewall rules that are applied when the SDDC is first created.

5. Now, create a firewall rule to allow access to vCenter Server (destination) from an IP address or IP address range (sources). Under Management Gateway, click on Add Rule and provide an appropriate firewall rule name, Sources and Destinations.

6. If you do not have sources and destinations defined or created, you can define them while specifying Sources and Destinations. To define Sources, click on the Edit icon in Sources.

7. On the displayed Set Source screen, click on Add Group and select User Defined Groups. Then specify Group Name. Then Set Members by clicking on Set Members.

8. On the Select Members screen, specify an IP Address or IP Address Range. In this example a single IP address range is specified from where the vCenter can be accessed. Click on Apply once done.

9. Once you return to Set Source, the new IP address will appear in the Compute Members column. Click on Save and click Apply.

10. Once you return to the main screen, the newly created Source will appear. Now it's time to specify the Destinations; in this case it is vCenter Server. Click on the Edit button under the Destinations column.

11. In the Set Destination screen, click on System Defined groups and select vCenter and click APPLY.

12. Under the Services column, select the vCenter services you want to access from the source defined earlier. In this example we are selecting all the services including HTTPS, SSO and ICMP.

13. Ensure that you have the Allow option selected under the Action column and then, if everything looks OK, click on PUBLISH.

14. To access the vCenter, click on the OPEN VCENTER button.

15. On the Open Access to vCenter screen, click on SHOW CREDENTIALS.

16. On the vCenter login page, paste the copied username and password and click LOGIN.

17. Now you can administer your vSphere environment from the same vCenter UI that you're used to.
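A pre-publish check for the source group built in steps 7 and 8, as an added example that is not part of the original article or of any VMware tooling: it flags source members that would open vCenter to far more addresses than intended. The member formats (single IP, CIDR, "start-end" range, "Any"), the 256-address limit and the function names are assumptions for illustration, not the NSX-T API; the sample addresses are constructed.

```python
import ipaddress

# Assumed policy values for illustration; neither comes from the article.
MAX_SOURCE_ADDRESSES = 256
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def expand_member(member):
    """Parse one member (IP, CIDR or 'start-end' range) into networks."""
    if "-" in member:
        start, end = (ipaddress.ip_address(p.strip())
                      for p in member.split("-", 1))
        return list(ipaddress.summarize_address_range(start, end))
    return [ipaddress.ip_network(member.strip(), strict=False)]


def review_sources(members):
    """Return findings for the source group of the vCenter inbound rule."""
    findings, total = [], 0
    for member in members:
        if member.strip().lower() == "any":
            findings.append(f"{member}: matches every source address")
            continue
        try:
            networks = expand_member(member)
        except (ValueError, TypeError) as exc:
            findings.append(f"{member}: not a valid IP, CIDR or range ({exc})")
            continue
        for net in networks:
            if net.prefixlen == 0:
                findings.append(f"{member}: covers the whole address space")
                continue
            total += net.num_addresses
            if any(net.overlaps(p) for p in RFC1918):
                findings.append(f"{member}: RFC 1918 range, not routable "
                                "over the internet")
    if total > MAX_SOURCE_ADDRESSES:
        findings.append(f"group allows {total} addresses "
                        f"(limit {MAX_SOURCE_ADDRESSES})")
    return findings


if __name__ == "__main__":
    # Constructed sample groups (documentation and private ranges).
    for group in (["203.0.113.10"], ["0.0.0.0/0"],
                  ["192.168.1.0/24", "198.51.100.0-198.51.101.255"]):
        print(group, "->", review_sources(group) or "ok")
```

An empty result means every member parsed cleanly and the group stays within the assumed limit.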

Satya is an experienced IT professional with a demonstrated history of working in Information Technology, with years of experience in multiple industry verticals. He currently works for VMware as Staff Cloud Solutions Architect. He is skilled in designing and implementing Enterprise Application Suite in Public, Private and Hybrid cloud infrastructure including AWS, VMware, VMware Cloud on AWS, Microsoft Azure, Google Cloud and the like.
