VMware Cloud – Page 4

How to audit vCenter Cloud Gateway & vCenter Server Registrations for vSphere+

04.24.2023 by William Lam // 2 Comments

The vSphere+, vSAN+ and the VCF+ Cloud Service all leverage the vCenter Cloud Gateway (VCGW) to provide secure connectivity between your on-premises VMware infrastructure and the VMware Cloud (VMC) Console. The process to setup the VCGW is made up of the following two steps:

Connect your VCGW to the VMC Console
Register your vCenter Server or SDDC Manager (VCF+) to your VCGW

We had an interesting question from one of our vSphere+ customers that wanted to better understand who within their organization was performing the VCGW and vCenter Server registrations for the vSphere+ Cloud Service?

[Read more...]

Quick Tip - Multi-Factor Authentication (MFA), IP Address Range & Source Domain restrictions available for all VMware Cloud Services

02.28.2023 by William Lam // Leave a Comment

A lesser known capability of the VMware Cloud Console is that we support a number of different authentication policies that can be configured to provide more secure access and/or restrict who can access the different VMware Cloud Services like VMware Cloud on AWS, vSphere+, vSAN+, VMware Cloud Foundation+ or ANY other VMware Cloud Service for that matter within your VMware Cloud Organizations(s)!

To configure the authentication policies, you will need to have the Organization Admin role and then click on "View Organization" under your user name and then navigate to Organization->Authentication Policy. In addition to configuring Multi-Factor Authentication (MFA), users also have the option of configuring IP Address Range (allow/deny rules) and Source Domain (allow) restriction policies as shown in the screenshots below.

For more details, please refer to the official VMware Cloud Services documentation on configuring these different authentication policies.

Lastly, you can also configure Enterprise Federation which allows you to login to the VMware Cloud Console using your desired identity provider, which is another frequently asked question.

Logging into vCenter when vCenter Cloud Gateway (VCGW) is disconnected from vSphere+ Cloud Service

02.22.2023 by William Lam // 2 Comments

As part of setting up access to the vSphere+ / vSAN+ Cloud Service, a vCenter Cloud Gateway (VCGW) is deployed into your on-premises infrastructure and serves as a gateway between your vCenter Server(s) and the VMware Cloud Console.

If the VCGW has connectivity issues to the VMware Cloud Console for whatever reason, your infrastructure and workloads continue to run but you will not be able to perform any operations through the VMware Cloud Console until connectivity is restored.

UPDATE (06/21/23) - The period in which VMware declares a VCGW unreachable has been updated from 24hrs to 7 days. This means even if your VCGW loses connectivity, you will still be able to login to your on-premises vCenter Server and/or SDDC Manager without needing to go to emergency URL.

However, if you attempt to login into your on-premises vCenter Server(s) using the vSphere UI, you may be surprised to find the following error message.

The message may looking alarming at first about not being able to login, but can still login even if connectivity between the VCGW and VMware Cloud Console has been lost.

While I will agree the user experience may not very intuitive, the hint is in the URL link below where it says "Still having connection problems?"

[Read more...]