vmrc

Blocking vSphere HTML5 VM Console and allowing only Standalone VM Remote Console (VMRC)?

02.08.2023 by William Lam // 2 Comments

This was an interesting request that came up on the VMTN community forums asking whether it was possible to block users from accessing the vSphere HTML5 (H5) VM Console in vCenter Server and only allowing access to a VM console through the use of the Standalone VM Remote Console (VMRC) client? What is the use case for this you might ask, well it looks like VM screen resolution was getting change between the two clients and the administrator simply wanted to restrict access to the H5 VM Console and direct users to use only the VMRC Client.

At first, I could not see how this could be accomplished since all of their users already have the "Console interaction" privilege within vCenter Server which allows them to to interact with both VM Console interfaces. I was then reminded of an article that I wrote back in 2021 where a user wanted to restrict access to the vSphere UI interface while still allowing access to vCenter Server through the vSphere API, which used an access policy to restrict access based on a URI endpoint within the vCenter Server Tomcat application configuration.

This gave me an idea to experiment with and see if we could do the same and simply restrict the /ui/vmconsole endpoint which serves the H5 VM Console while still preserving VMRC access.

[Read more...]

How to forcefully disconnect a vSphere VM Console session?

06.24.2022 by William Lam // 1 Comment

The vSphere Virtual Machine Console UI is an extremely useful interface for interacting with a VM, especially for initial configurations and/or debugging and troubleshooting purposes, such as an issue with networking. The VM console is analogous to connecting a physical keyboard and monitor to a computer, you remember the good ol' days right? 😀

Unlike the physical world, where you can only have a single person interacting with the computer, the vSphere VM Console can allow multiple users to view and interact with the VM. It is also not uncommon for customers to limit the number of simultaneous VM Console sessions, especially for security and/or for privacy purposes.

One potential down side with limiting the VM Console session to one is that another user may not be able to connect until the other session has concluded and/or has expired due to lack of activity. This recently came up as a question from a customer asking if there was a way to forcefully disconnect an existing VM Console connection?

[Read more...]

VMware Cloud on AWS 1.13 adds support for VMRC vCenter Proxy

12.09.2020 by William Lam // 2 Comments

VMware Cloud on AWS (VMConAWS) 1.13 was just released and although it is an optional release, it does introduce a pretty interesting capability that I think our customers will really appreciate and benefit from, especially when this capability also makes its way into an on-premises vSphere release.

VMware Remote Console (VMRC) vCenter Proxy

VMware Remote Console connections will now be proxied through the SDDC’s vCenter, and clients no longer require connectivity to ESXi hosts. This simplifies connectivity requirements, and allows for the use of VMRC over VPN when a DX or vTGW is also being used with the SDDC.

Historically, when you wanted to interact with a Virtual Machine using the vSphere UI in vCenter Server, you had two options. You can either use the HTML5 Remote Console within your browser or you could use the standalone VMware Remote Console (VMRC) application. For basic functionality, the HTML5 console is generally preferred but for cases where you might need to mount a local device from your computer such as a USB, bluetooth or CD-ROM device, you had to use the VMRC client.

[Read more...]