VNC can be enabled on ESXi hosts to enable remote console connections to virtual machines; this is useful for Mac users who do not have a native VMWare vSphere client or to provide console access for users who are otherwise without the vSphere client.
Verify Host Firewall Settings
The VMWare host needs a custom firewall rule to allow VNC connections, to verify if this already exists browse to the host in the inventory, go to the configuration tab, and click ‘Security Profile’ under the Software section of links:
You should see the VNC firewall rule shown above, if not then the rule needs to be configured: (If the rule already exists, skip to ‘Configure a Virtual Machine for VNC’ section.)
*In the ‘Services’ section of the security profile window shown above, click Properties
*Select SSH and click the options button, then start SSH
*SSH to the IP address of the VMWare host and enter the following command:
This will create a new firewall rule file, press ‘a’ on your keyboard to enter edit mode. (vi is a CLI based text editor)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Paste the above into the file (opens ports 2000 - 2099), then press the escape key and enter ‘:wq’ (without the quotes) to save the file and exit the text editor. Now you need to refresh the firewall rules:
Now if you refresh the firewall rules in vSphere the new VNC rule should appear.
Configure a Virtual Machine for VNC
Now that the firewall rule is enabled all that is left is to enable VNC on the virtual machine. The VM needs to be shut down to edit this setting.
Go to ‘Edit Settings’ for the virtual machine
Go to the ‘Options’ tab
Select ‘General’ under the Advanced section
Click the ‘Configuration Parameters’ button
Add rows to the list as shown in the image below:
Be sure to choose a port number within the range 2000 - 2099 as these are the ports we opened on the firewall. ‘RemoteDisplay.vnc.password’ is optional, if you do not add it then VNC will work without any authentication.
That’s it! You should now be able to VNC to the IP address of the VMWare host, with the port number you configured for the VM!