Remote XCP-NG Connection Doesn't Show Console in XO
-
Hello! I connected my friend's laptop XCP-NG up to my XenOrchestra so we can control his VMs remotely, I opened port 443 to his XCP-NG which allowed me to connect the server to my XO but I've noticed we can't see the console. Is there another port to be opened for the console to be streamed?
Thank you!
-
XOA should be inside the same network. Accessing XOA from outside is OK (eg with port forwarding), but it's NOT if XOA has to go through the NAT itself.
Why? Because some operations aren't passing directly through XAPI, but via different URL handlers. Eg when you request a console, XAPI will return the host local IP address (private range) to XO. So your XO will try to connect to this private IP outside this network and it will fail.
In short: use XOA in the same network or use a tunnel/VPN to enjoy all features (console, export etc.)
-
@olivierlambert I see, thank you for the clarification. Already setting up a site-to-site for this, would that work?
-
Using a tunnel/VPN?
- OpenVPN
- Wireguard
- GRE tunnel (with IPSEC if you want it to be secure)
PPTP(obsolete)- XO Proxies (recommended)
There's a lot of solutions.
Another way would be for us, in the future, to use our XO proxies to solve this without having to create tunnels. I think it might happen because there's a lot of use cases for this usage
-
@olivierlambert I'd love that proxy idea, but right now setting up a site-to-site OpenVPN setup right now. Thank you for the quick replies as always!
-
You are welcome
-
@olivierlambert Got it connected via the VPN and it works flawlessly now
-
Enjoy XO!
-
@Soarin Hi! Would you mind sharing what config did you use for openvpn?
Did you install openvpn in the xcp-ng host? in a vm? -
Note that the preferred way now is to use XO proxies in such scenarios: https://xen-orchestra.com/blog/xo-proxy-a-concrete-guide/
-
@olivierlambert I just saw Tom post about that. Already investigating about it. Thanks!
https://infosec.exchange/@tomlawrence/109404324178466606
