Copyright 2019 - CSIM - Asian Institute of Technology

VMware vSphere Client cannot be used outside of CSIM because of the restrictions on the firewall. These restrictions can be bypassed by configuring SSH tunnels.

The following example will use puTTY as SSH client. Obviously, VMware vSphere Client too must be installed on your PC. For non-Windows system, see below.

The first step is to install the software and make sure they are working, VMware vSphere Client must be tested inside CSIM and puTTY must be used to connect to from outside CSIM.

Configuring puTTY for SSH tunnel

VMware needs four tunnels on TCP ports 80, 443, 902 and 903. For some reason, VMware vSphere Client refuses to work on a tunnel opened on the IP Instead you can use the IP, it works fine.

Port 443 is used by all the VMware traffic between VMware vSphere Client and the VMware ESXi server. Port 902 is used when you open the console of your virtual machine. Port 80 is used to a a page with an error. I have not ye seen the use of port 903 but it was documented elsewhere. Traffic to port 902 is mostly VNC.

1. Start puTTY.
Enable compression: VMware vSphere Client allows you to access your virtual machine in console mode, that is you may end up doing remote desktop to your virtual machine. If you are using a Graphical User Interface on your virtual machine, a large amount of data will be sent through the SSH tunnel, between your PC and your virtual machine; you better reduce the amount of data with ccompression. 
Compression is configurable under the option SSH.
2. Create the tunnel: the example correspond to the tunnel for TCP port 80.
Go to the option SSH/Tunnels and add a new forwarded port from source port to The option local and auto should be selected by default. 
Note that the field to enter the source port is too short but you should enter the full
Click on add.
3. Reapeat the operation above, adding forwarded ports for TCP ports 443, 902 and 903.
At the end, you should have the list of forwarded ports given in the image:

Note that the window can only show three ports while you have forwarded four. Use the scrollbar to check all ports are thete.
4. Go to the session option at the very top and specify the destination where you connect to by in the host name field.
Give a name to the session and save it: you will be able to reuse it later on.
You can then open the connection.
Later you will be able to open the session you have saved and proceed on, starting from step 5 below.
5. Enter your CSIM username and password. 
You are connected to and the SSH tunnels are created: your local machine at like a VMware ESXi server, but all the traffic will be sent to bazooka through the tunnel and bazooka will send that traffic to the real VMware ESXi server
6. Launch VMware vSphere Client and connect to the server
Use the username and password as you would use them in CSIM and work normally.

Et voilà!

SSH tunnels for non-Windows systems

On Linux, you can use ssh to establish the tunnel needed to run vmplayer across CSIM firewall.

Note that because it uses system ports, you need to be root to run the following command.

ssh <your account>

Then you can run vmplayer -H localhost on your Linux machine.

Powered by: puTTY

Login Form


School of Engineering and technologies     Asian Institute of Technology