To connect to a VM, the user clicks the eye button on the VM control panel. The platform opens a connection to the VM using the appropriate protocol, for example, VNC, RDP, or SSH.
By default Abiquo uses Apache Guacamole https://guacamole.incubator.apache.org/ as a remote access server, and it is installed on the Remote Services server. When you configure a datacenter or public cloud region, the platform automatically adds the remote service, and you can share it with other datacenters or providers. Guacamole supports VNC, RDP, and SSH connections using a single solution for all protocols.
When a user requests remote access to a VM:
The following configuration applies to private cloud
When you create a physical machine, the IP address for remote access is generally the Service IP. When you add a vCenter cluster as a physical machine, the platform will assign a host IP for remote access based on the IPs defined for management traffic. See Abiquo Configuration Properties#esxi for properties to define the networks or IP addresses or request that the platform should detect host IPs used for management traffic.
Each VNC connection to a VM on the hypervisor will require a port. The Abiquo default port range for VNC connections is 5900 to 65534. In general, VNC connections should use ports 5900 to 6000. Review the remote access documentation for your hypervisor. Note that VMware only recommends ports 5900 to 5964 (See VMware Documentation).
To configure the port range, in the Abiquo Configuration Properties, set the properties abiquo.vncport.min and abiquo.vncport.max.
To set a default ESXi keymap value for the platform, see Abiquo Configuration Properties#vnc,
To set default ESXi keymap and pulldown values for VMs in the UI, see Configure Abiquo UI.
Note that on ESXi for certain locales, when using remote access from a web client, some keystrokes do not translate. See https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2071245
To brand the Guacamole client:
By default, remote access is enabled for the whole platform.
To change the remote access configuration for the platform:
The state of remote access will change for VMs that are NOT deployed. Deployed VMs will keep their original state. After you disable remote access, you cannot access deployed VMs through the eye icon but the port is still enabled on the hypervisor, so another client can connect.
For VM templates, administrators can set a default VM user and password for SSH connections. With a compatible template, users can request an initial VM password using guest setup, which will be sent to them by email or SMS. See Guest setup
For remote access, user accounts should have an SSH public key, email, and telephone number (cell phone).
For native VM settings, see VM general information, which includes enable/disable, ESXi keymap, and password.
For settings for VMs captured from hypervisors, see Import and Capture Virtual Machines.
For public cloud and private clouds such as OpenStack, in addition to the SSH public key in their account, users must have a public IP on the VM, and the firewall must allow access to an appropriate port for direct SSH connection to Linux guests and direct RDP connection to Windows VMs.