Hi,
There are many posts ( and I think I looked at them all today) dealing with this subject but none show exactly what I see.
VCenter server has 5 ESX 4.0 hosts. One host states not responding. You connect and it stays up for about one minute.
The host can be accessed fine with the vSphere client and Putty and all VMs are working fine.
Pinging the hostname shows the proper IP
esxcfg-firewall shows port 902 accepting
SSL is not enabled
https://servername shows the certificate all with the correct infornation
My log shows:
SSLVerifyCertAgainstSystemStore: Subject mismatch: NASVM004 vs xxx.xxx.4.187
SSLVerifyCertAgainstSystemStore: The remote host certificate has these problems:
The host name used for the connection does not match the subject name on the host certificate
The host certificate chain is not complete.
SSLVerifyCertAgainstSystemStore: Certificate verification is disabled, so connection
will proceed despite the error
Read timeout after approximately 905000ms. Closing stream
SSL(TCPClientSocket(this=63C2530, state=CONNECTED, _connectSocket=TCP(fd=-1), error=(null))
TCPStreamWin32(socket=TCP(fd=7880) local=xxx.xx.5.95:2140, peer=xxx.xxx.4.187:443))
Read timeout after approximately 905000ms. Closing stream
SSL(TCPClientSocket(this=8549818, state=CONNECTED, _connectSocket=TCP(fd=-1), error=(null))
TCPStreamWin32(socket=TCP(fd=11348) local=xxx.xxx.5.95:2142, peer=xxx.xxx.4.187:443))
Marked xxx.xxx.4.187 as dirty.
Any assistance would be appreciated
Have you verified that the host name used for the connection does match the subject name on
the host certificate? Keep in mind that you are working with a Linux based system so Server1 and server1 do not match.
________________________________
Jason D. Langdon
Hi,
Check server IP is pointing to VC in /etc/opt/vmware/vpxa/vpxa.cfg
Also if you have firewall between VC and ESX, ensure UDP 902 is allowed.
Award Points if helpful!!
Thanks to all who contributed.
I should have stated upfront that this was working correctly and the end user stated nothing had changed.....
After verifying that VMs were not set to autostart, I did a mgmt-vmware restart and a vmware-vpxa restart and the ESX host did not drop. It has been up for a week.
I'm having the same problem, but restarting mgmt-vmware and vmware-vpxa doesn't work, even if i do this, i can't connect to ESX by vi-client for a long time...
i already remove the vpx agent and add ESX to vcenter so it can be reinstalled, but the same result.. it gets connect for some minutes and then it is disconnected again...
firewall is setting OK, i have vpxa.cfg configuration OK, with IP numbers, not hostnames, but i guess it has to work anyway...
i can ping all servers, vcenter servers etc
i don't know what else to try... it doesn't matter if i use ip address or hostname to connect, it has the same result...
Does someone have any new idea?
Thanks in advance...
In what network are those hosts?In the same as that host that is
disconnecting?Are there any firewall between esx hosts?Is NAT present?
Check for duplicate IPs on the network. Run ping -t to host taht disconnects and power off this host.
---
MCSA, MCTS Hyper-V, VCP 3/4, VMware vExpert '2009