
Accessing/reaching a web client behind the firewall from the home office.

Hello,

how can I set things up so that I can reach the web client of an application (VMware) from outside (home office)? I am using Sophos UTM 9 / SG135W. I am only just working my way into the topic of firewalls, so please, speak simple.

P.S.: I would be grateful for a book recommendation (Sophos for Dummies etc.).



This thread was automatically locked due to age.
  • VMware offers several remote access options:

    • HTML5 web site launching a virtual desktop
    • Horizon View Client launching a desktop
    • Horizon View Client launching a single application
    • Horizon Workspace

    I have worked with the first three, all of which use HTTPS/443 for authentication and launch, plus a secondary port running PCoIP, BLAST, or RDP for the session operation. Consequently, you need to ensure that both the remote location and your server location allow all of the ports that are required. A home network typically allows all outbound ports, but some business partner networks may lock down non-standard ports by default.

    You have the option of running the HTTPS/443 traffic through UTM's webserver protection. The other traffic is allowed using Firewall Rules.

    Alternatively, you can use a tunnel that makes you appear as part of your internal network.

    Sophos offers the RED device, which I have not used but I understand it to be a VPN tunnel and a wireless access point rolled into a single device.

    You can also use an SSL VPN Client connection from your home device.

    For any form of remote access, I recommend (and PCI DSS requires) two-factor authentication. VMware supports two-factor authentication using DUO or other RADIUS-server implementations. UTM supports two-factor authentication using OTP or DUO. Using a login to UTM provides break-in evasion and additional logging, but does not provide single sign-on to VMware. Bypassing UTM login and using VMware security provides a single-step login.

    So you have lots of choices.
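
The port requirement described in the answer above can be checked from the home side with a short script. This is an added example, not part of the original post; the port numbers 4172 (PCoIP), 8443 (Blast) and 3389 (RDP) are commonly documented defaults assumed here, and the host name is supplied by you for your own gateway.

```python
import socket
import sys

# Assumed default TCP ports (not stated in the post); confirm for your deployment.
# PCoIP and Blast can also use UDP, which a TCP connect cannot verify.
HORIZON_TCP_PORTS = {
    "HTTPS (authentication and launch)": 443,
    "PCoIP": 4172,
    "Blast": 8443,
    "RDP": 3389,
}


def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'refused', 'filtered' or 'dns-failure'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"         # a service answered
    except ConnectionRefusedError:
        return "refused"          # actively rejected: no listener, or a reject rule
    except socket.gaierror:
        return "dns-failure"      # host name did not resolve
    except OSError:
        return "filtered"         # timeout or unreachable: packets are being dropped


def check_gateway(host, ports=None, timeout=3.0):
    """Probe every named port on your own gateway and return {name: state}."""
    ports = HORIZON_TCP_PORTS if ports is None else ports
    return {name: probe(host, port, timeout) for name, port in ports.items()}


if __name__ == "__main__":
    # Pass the public name of your own gateway; localhost is only a placeholder.
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    for name, state in check_gateway(target).items():
        print(f"{name:36s} {state}")
```

If 443 reports open while the session port reports filtered, the login page will load but the desktop session will not start, which points at a missing firewall rule for the secondary port.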
