Also, you can test,from SSH connection on ESXi host, if the host has HTTPS port open with this command:

nc -z localhost 443

Thanks for the responses.

The nc test succeeded on the server and the tnc test was successful from my windows server on the same vlan. From my workstation on a different vlan, the tnc test had a successful ping but TcpTestSucceeded was false.

I can limit these tasks to the server where the test was successful, but I still can't connect with a browser. I've cleared browser data and retried, but no dice yet.

Any other suggestions?

Another note - I moved these hosts to their current vlan a couple of years ago, so I just double-checked the management network and verified that it's enabled on the vswitch with the new vlan and disabled on the old one. It's possible that I haven't connected to the host websites since I've done that, so is there something else I should check related to that move?

Ciao 

Try to restart the management service:

Restarting the Management agents in ESXi (1003490) (vmware.com)

Thanks. I'll try these steps.

This is the error I usually get, although a few times it has just hung without displaying the error.

***

The connection has timed out

The server at 172.28.211.42 is taking too long to respond.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

***

I tried restarting all the services and then decided to restart the server, but still no luck.

With the same thing happening on all 3 of my hosts, I feel like reinstalling won't help. I feel like it might be a cert issue with the self signed certs, even though vcenter says they're good through 2026. I'm happy enough with self signed certs since we're firewalled and only a few admins need access, so I wonder if I just need to renew the certs or remove the hosts from vcenter and re-add. I guess I can try both of those and contact vmware support if that doesn't help.

Hello.
If you reinstall the ESXi Host from scratch, the certificates and configurations are new and standard, you should be able to connect to the web client. Your problem could be in your network (physical switch, firewall etc.) or in the browser you are using.
If you still have doubts you can connect directly (direct cable) to the ESXi host with a portable, use an IP of the same range of the ESXi Host and perform:
ping the ESXi IP and it should respond without problems.
Enter through a browser to the ESXi host IP (access to the web client https:/ip).

Thanks, Enrique. I will try that.

Was this problem ever resolved?  I have the same issue, Cannot connect to the UI from separate network.  Routing works, and some application layer communications are successful, but it behaves like it's stuck in a loop trying to complete the connection. I have no log entries on my pfsense firewall and have allowed all traffic between networks, so I dont think it's at the firewall.

My guess is that it's an ACL on vmware, but not sure what/where.  I'm very new to vmware.

Depends on how you define "resolved." I still can't connect to the host web gui from a different subnet whitelisted in the firewall, but I can connect from a machine in the same subnet as the esxi hosts so that's what I do now.

I believe I had the same issue. You probably have conflicting IP addresses. So try changing the IP of your exsi or disconnect everything else. I was able to fix it by manually assigning the WiFi device with the same IP a different IP 

I know this is an old thread, but I'll put this here in case someone else runs across this issue.

These symptoms, unable to connect to web UI from a browser on the same subnet, but can from a browser on a different subnet, will also manifest if the system on the same subnet as the esxi host has jumbo frames enabled, but the vswitch on the esxi host to which you're trying to connect does not. Web UI connectivity from systems on the same subnet is restored by either reducing the MTU on the systems on which you're running the browser, or by increasing the MTU of the vswitch on the esxi host to which you're trying to connect. 

I have replicated this on esxi 7.0 Update 3 with the following rig:

HP DL-360 <-> Mellanox CX-5 <-> Arista 7050 <->  ASus XG C100C <-> Windows 11 Chrome

HP DL-360 <esxi 7u3> <-> Mellanox CX-5 <-> Arista 7050 <-> Mellanox CX-5 <-> HP DL-360 <-> esxi 7u3 <-> Windows 10  Chrome

Cheers!