VMware Cloud Community
blacktusk
Contributor

ESXi VMs stopped talking over RDP

I have an ESXi 5.0 Server configured with a number of VMs. All VMs use DHCP to obtain IP Addresses. Until the last reboot I was able to use RDP to connect to the VMs from anywhere in our work network. However now, although I can Ping out from the VMs to any physical machine on the network either by IP address or name, I cannot ping into the VMs from outside, nor can they ping each other. The virtual machines are all on a common vswitch using a single physical NIC. I can still ping the ESXi server (kernel port and management network) from any machine.

The Windows Firewall is disabled on all VMs, and Remote Access is enabled - this was all working fine!

2034798.png

The leases in DHCP are fine

2034798_1.png

4 Replies
peterdabr
Hot Shot

Hi,

Can you confirm whether you can ping between two VMs on the same vSwitch and portgroup? Also important: can you see the ARP'd MAC address of the destination VM in the source's ARP table (and vice versa)?

Can you confirm that the MAC addresses inside the OS of those two VMs match the MAC addresses specified in the .vmx file for both VMs?

I suspect that maybe the Security policies of the vSwitch are set to something like this:

MAC Address Changes: Reject

Forged Transmits: Accept

which would prevent incoming traffic to VMs if it arrives on the vSwitch with a MAC address that's different from the one set for that VM in the .vmx file.

Peter D.

Cyberfed27
Hot Shot

Another shot in the dark is to try removing the NIC from the suspect VM and re-adding it.

Hail mary but it may work.

Also - add more NICs to that switch please! Yikes!

blacktusk
Contributor

Hi Peter

Thanks a lot for your response.

I have checked all your suggestions. Firstly Security config is set to Accept MAC Address changes.

The MAC address of the VM .vmx adaptor is the same as that inside the OS (this applies to all checked VMs);

2035372_3.png

2035372_4.png

However, the VMs cannot ping each other, nor do they show up in each other's ARP tables. In fact, the VM ARP tables show very few hosts.

VM1 arp table

2035372_5.png

VM2 Arp table

2035372_6.png

Source (Physical MC) arp table

2035372_7.png

This physical machine (192.168.1.111) cannot ping the VMs (.113 or .125) despite them being present in the arp table?

The VMs can ping this physical machine (.111) and others listed in the arp table above, despite not being present in their own arp table??

Cyberfed27 - I did try recreating the NIC but this had no effect (it was recreated at the same MAC address)

As I mentioned in my previous post, this was all working previously and I have not changed any network config on the ESXi.

0 Kudos
blacktusk
Contributor

I have resolved the issue!

Although I had disabled the Windows Firewall for Home or Private Networks, the local network was being treated as a Public Network.

I have now added the VM servers into our AD domain, and added an inbound ICMP rule (as per http://technet.microsoft.com/en-us/library/cc947809%28v=ws.10%29.aspx) for Domain Networks and bingo - all is now good.

Still cannot confirm how it was working previously - although I suspect the LAN was being seen as a Private network - not sure why this would have changed.

Thanks for your assistance.

0 Kudos
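
The check and fix described in the resolution above, as an added example that is not part of the original thread: it lists which firewall profile each connected network actually maps to, flags any network classified as Public, and adds an inbound ICMPv4 echo rule scoped to the Domain profile only. It assumes Windows 8 / Server 2012 or later (where the NetConnection and NetSecurity cmdlets exist) and an elevated session; the rule display name is hypothetical.

```powershell
# Added example: run in an elevated PowerShell session on the guest VM.
$ruleName = 'Allow ICMPv4 Echo Request (Domain)'   # hypothetical display name

# 1. Map every connected network to the firewall profile Windows applies to it.
#    NetworkCategory is Public, Private or DomainAuthenticated.
$report = foreach ($net in Get-NetConnectionProfile) {
    $profileName = if ($net.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' } else { [string]$net.NetworkCategory }
    $fw = Get-NetFirewallProfile -Name $profileName
    [pscustomobject]@{
        Interface       = $net.InterfaceAlias
        Network         = $net.Name
        Category        = $net.NetworkCategory
        FirewallProfile = $profileName
        FirewallEnabled = $fw.Enabled
    }
}
$report | Format-Table -AutoSize

# 2. Flag the situation from the thread: the LAN is classified Public, so turning
#    off the Private profile has no effect on traffic arriving on that interface.
$report |
    Where-Object { $_.Category -eq 'Public' -and $_.FirewallEnabled -eq 'True' } |
    ForEach-Object {
        Write-Warning "$($_.Interface) is classified Public and the Public firewall profile is enabled."
    }

# 3. Allow inbound echo requests (ICMPv4 type 8) on the Domain profile only,
#    leaving the Public and Private profiles untouched. Skip if already present.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 -Profile Domain | Out-Null
}

# 4. Confirm the rule and the profile it is scoped to.
Get-NetFirewallRule -DisplayName $ruleName |
    Select-Object DisplayName, Enabled, Profile, Direction, Action
```

Scoping the rule to the Domain profile means the VM answers pings only when it has authenticated to the domain, so the firewall can stay enabled on all profiles instead of being switched off.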