I just discovered that I am unable to access the VMRC at all (for any VMs), I get the old: Unable to connect to the MKS: Internal error
FYI: VM and client are on same broadcast domain, no firewall (Windows or otherwise), DNS is working and tested from client and host
I am having some trouble with AD, in another discussion
At this point, I can log-on to SSH with: firstname.lastname@example.org
and I can use the C# client with: email@example.com but not DOMAIN\user
Can you vMotion the VM to another Host and check if that works?
the VM and the Client dom't have to be on the same subnet.
it's more important that the esx server or the vcenter have to be on the same subnet like the client. or you have openend the needed ports (443/902/903 and so on) on the firewall if they aren't on the same subnet....
Don't have vMotion up yet.
Broadcast Domain is essentially the same thing as the same subnet/network. For testing, ESXi, vCenter, VM's, everything is on the network: 172.20.0.0/16
The "MKS internal error" was happening both when connected through vCenter and when connected directly to the ESXi host. I have verified DNS on both the ESXi and the VCSA is working.
i know you don't want to hear it but have you disabled the windows firewall?
the MKS error is most of the times in context with dns, network or firewal...
can you add the esxi host entries to local PC's HOST file, from where you are opening vSphere Client and check post this?
Done and Done!
I first tested forward DNS from Windows and VCSA (ping esxi.mydomain.local) and from ESXi (ping dc1.mydomain.local) - no problems
Even so,I added entries to the hosts file (for vCenter and ESXi) on Windows where the client is, then I added entries to the hosts file on VCSA (for ESXi). - no changes. Those entries have now been removed.
I think I can conclusively state that it is NOT a DNS issue.
A new symptom: before this happens, I get a certificate warning from VCSA/client stating that the certificate ESXi is presenting is not the same at the one I initially trusted. It is almost as if the ESXi is somehow regenerating certificates and causing trust issues.
The fix is a reboot. On an ongoing basis, ESXi hosts can not require regular reboots,
Thanks for your help!
Could you please log in into your ESXi directly with the ip ? And then try ? Than should exclude the dns.
Another thing that you could try is vSphere Documentation Center . I usually recreate the self signed certificates once I have completely set up the ESXi with fqdn DNS ( the certificates are created during installation for localhost.localdomain ) . You will have to reboot the ESXi and might have to reconnect to the vCenter , as the ESXi will present a new certificate . If that still fails , open https://fqdn.of.esxi on the client pc, and accept & add the certificate.
Warning : As I do not know about your setup , if you use domain certificates vs self signed etc, it is just an ideea .
Hope you get this fixed.