Identify SSL VPN Plus on NSX-V Edges

Aktualisiert: 3. Jan.

End of support for VMware NSX for vSphere (NSX-V) is getting closer and one of the features not being supported on NSX-T anymore is the still widely used SSL VPN Plus component. How to configure new solutions for Remote Access is described in VMware's whitepaper "VMware Cloud Director Remote Access VPN Integration Guide" but the initial challenge is to identify which of your hundreds of NSX Edges are using this feature.

Luckily there's an easy way to find out through the REST API of NSX-V by using PowerNSX.

Although PowerNSX is not always the best solution for your scripts it's an easy tool to invoke REST Methods using its integrated authentication by connecting the NSX Manager through vCenter.


Install PowerNSX and connect

If you haven't installed PowerNSX just do so by executing the Install-Module command below and connect to your NSX Server through vCenter Server.

Install-Module -Name PowerNSX
Connect-NsxServer -vCenterServer myvcenter.naveum.corp

Run the following commands to get the list of NSX Edges where SSL VPN Plus is enabled

#get a list of your NSX Edges
$uriedges = "/api/4.0/edges/"
$edgelist = Invoke-NsxRestMethod -URI $uriedges -method get
$edgelistfiltered = $edgelist.pagedEdgeList.edgePage.edgeSummary

#get the SSL VPN status for your NSX Edges
foreach ($edge in $edgelistfiltered) {
    $sslconfigstatus=$null
    $uri0 = "/api/4.0/edges/"
    $uri1 = $edge.id
    $uri2 = "/sslvpn/config"
    $uri = $uri0 + $uri1 + $uri2
    $xmldoc = Invoke-NsxRestMethod -URI $uri -method get
	$sslconfigstatus = $xmldoc.sslvpnConfig.enabled
	if ($sslconfigstatus -eq "true"){
		$edge.name
	}
}

Although this will not be your solution to replace SSL VPN Plus you are at least one step closer to get there.

374 Ansichten

Aktuelle Beiträge

Alle ansehen