VMware Cloud Community
ajesha008
Contributor
Contributor

Unable to add host in VC

Hi,

I've installed ESX 4.0, in DMZ net work.

When I tried to add this server in Virtual center I get "Request timed" out error, but Im able to manage this server using vSphere client and able to connect using Putty.

Im able to telnet 903 from VC server also from where I installed vSphere client.

any help would be highly appreciated.

Thanks,

Ajesh

Reply
0 Kudos
10 Replies
Maximenu
Hot Shot
Hot Shot

Try with 902 port and 443

Update

22. ssh access to service console.

80. HTTP access to web servers.

443. HTTPS SSL access to web servers for VI Web Access.

902. VI Client access to ESX Server or VirtualCenter, and communication between VirtualCenter and ESX Server hosts or between hosts.

903. VM Console access via VI Client or VI Web Access.

2049. Connection to NFS storage devices.

2050-5000, and 8042-8045. Traffic between ESX Server hosts for VMware HA (also utilizes EMC Automated Availability Manager).

3260. Connection to iSCSI storage devices.

8000. Incoming requests from VMotion.

8083. VirtualCenter diagnostics port.

8086. Apache Tomcat web server admin on VirtualCenter Server

27000. License transactions from ESX Server to the License Server.

27010. License transactions from the License Server.






Javier Galvez

VCP 2/3/4

MCTS Hyper-V and SCVMM

CCA XenServer

CCA XenDesktop

Javier Galvez

Customer Success Compute and Cloud

Joined the VMTN Community in Dic, 2004

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful.
Reply
0 Kudos
ajesha008
Contributor
Contributor

i tried 902 and 443 both are open.

Reply
0 Kudos
a_p_
Leadership
Leadership

What about the DNS configuration? Can the host resolve the FQDN of vCenter Server and vice versa.

André

Reply
0 Kudos
ajesha008
Contributor
Contributor

yes it does name resolution.

Reply
0 Kudos
techsuresh
Enthusiast
Enthusiast

Hi,

Have it connected to vCenter before? Since vCenter is a Windows server with a different IP address, it might be on a different LAN segment or VLAN. Are there any firewalls between the ESX SCs and vCenter? It sounds like there might a networking or firewall issue there. When you connect to an ESX box directly with VI client, you are just connecting from your VI workstation to the ESX SC. When you connect hosts to vCenter, then vCenter is trying to communicate with the SC of the ESX boxes, so the networking is totally different. Can you check the networking and firewalls between the ESX host in question and vCenter?

Good Luck

if you found this post helpful please consider the use of the Helpful/Correct buttons to award points

Suresh

Reply
0 Kudos
ajesha008
Contributor
Contributor

Thank you for your reply..

I had this server earlier in the Vcenter , it was ESX 3.5, and I upgraded to 4.0 after that im unable to add to vcenter.

Thanks,

Ajesh

Reply
0 Kudos
techsuresh
Enthusiast
Enthusiast

now try to diconnect and remove the host from inventory and connect it again. your problem will be solved. this was happened to me few days back. i did like this.

if you found this post helpful please consider the use of the Helpful/Correct buttons to award points

Suresh

Reply
0 Kudos
jcwuerfl
Hot Shot
Hot Shot

Is there security concern for putting the whole ESX host in the DMZ vs. just adding a DMZ uplink port for your VM's ?

What version of vCenter do you have running? I think you said your ESX hosts were 4.0, so you must have at least version 4.0 for vCenter

Do you see any errors besides a Timeout error ? have you looked in the vCenter logs or in the ESX Logs at all?

If its in the DMZ there are actually 2 firewall's you need to check to make sure the ports are open. 1) is the ESX firewall, 2) is your Network Firewall telneting to each of the ports from your vCenter server is a pretty good indication its open or not.

TCP and UDP Ports required to access vCenter Server, ESX hosts, and other network components:

http://kb.vmware.com/kb/1012382

From above article:

ESX 4.x 47 UDP ESX/ESXi Host Physical Switches vDS (Virtual Distributed Switch) Broadcast

ESX 4.x 902 TCP VI/vSphere Client ESX/ESXi Host VI/vSphere Client to ESX/ESXi hosted VM connectivity

ESX 4.x 902 TCP/UDP ESX/ESXi Host ESX/ESXi Host Authentication, Provisioning, VM Migration

ESX 4.x 902 UDP ESX/ESXi Host vCenter 4 Server Heartbeat

ESX 4.x 903 TCP VI/vSphere Client ESX/ESXi Host VM Remote VM Console

ESX 4.x 2050 to 2250 UDP ESX/ESXi Host ESX/ESXi Host VMware HA

ESX 4.x 5989 TCP ESX/ESXi Host VirtualCenter/vCenter CIM Secure Server to CIM Client

ESX 4.x 8000 TCP ESX/ESXi Host (VM Target) ESX/ESXi Host (VM Source) VMotion Communication on VMKernel Interface

ESX 4.x 8000 TCP ESX/ESXi Host (VM Source) ESX/ESXi Host (VM Target) VMotion Communication on VMKernel Interface

ESX 4.x 8042 to 8045 TCP ESX/ESXi Host ESX/ESXi Host VMware HA

ESX 4.x 8100 TCP/UDP ESX/ESXi 4 Host ESX/ESXi 4.x Host VMware Fault Tolerance. ESX/ESXi 4 only.

ESX 4.x 8200 TCP/UDP ESX/ESXi 4 Host ESX/ESXi 4.x Host VMware Fault Tolerance. ESX/ESXi 4 only.

443/902/903 seems to be the key ports you need to make sure that is open.

This PDF also does a great job of visualizing all of the communications that happens from various components:

http://www.virtualinsanity.com/wp-content/uploads/connections-ports-esx.pdf

If those ports are open, and you still can't add it to vCenter then it could be another issue. You can always take it out of the DMZ put it on a local subnet to the vCenter server and try it again and see if it does work in that case so you know if it is a network/firewall issue or something else.

Reply
0 Kudos
caledfwlch
Contributor
Contributor

How many NIC do you have in that host, make sure that in the host console, both NIC are checked (connected).  I hope this helps.

Reply
0 Kudos
tim781996
Contributor
Contributor

I had a similar problem this morning. VC lost its connection to two of my hosts after I moved some redundant network connections to redundant switches. I migrated the VC from one host to another, and I was able to get it to see the missing hosts again. Bottom line: see if you can rule out possible faulty paths when you encounter this issue, especially when you can't find an answer in the KB and restarting services & rebuilding files doesn't help.

Reply
0 Kudos