The NSX Edge Gateway comes pre-armed with the ability to provide an SSL VPN for remote access into your network. This isn't a new feature (SSL VPN was available in vCloud Networking and Security), but it's worth a run through. I'm configuring remote access to my Lab, since it's often useful to access it when on a client site, but traditional VPN connections are often blocked on corporate networks where HTTPS isn't.
As a PowerShell fan I find using the vCO PowerShell plugin makes my life a whole lot easier. What isn't easy however, is the configuration of vCO and a PowerShell jump host. Having done it a few times, this is my method for ensuring a secure working connection using HTTPS and Kerberos. Configure the Orchestrator Appliance Since we’re planning on using Kerberos authentication, we’d better ensure that the time is correct AND syncs to the same source as the domain.
This had me scratching my head, what seemed to be a common problem wasn’t fixed by the common solution. It was actually my fault – too familiar with the product and setting things up too quickly to test. I installed a VCSA 5.5 instance in my lab as a secondary site for some testing and during the process found I couldn’t log on to the web client – it failed with the error: