Which exact version of vCenter you're running? And this is a brand new vCenter or it is a old one? And the hosts and vCenter are on the same network? If not, check the following KB article: ESXi/ESX host disconnects from vCenter Server 60 seconds after connecting (1029919) | VMware KB
Based on the build number, you're running the vCenter Server Appliance 6.0 Update 3b, and based on VMware Interoperability Matrices, your vCenter do not support ESXi 5.1 hosts, see: VMware Product Interoperability Matrices
Not sure if the Matrix is really 100% correct, but I will recommend you really verify if the required network port 902 UDP is open on both directions and consider upgrade your host to a supported version.
Sorry, I put the wrong KB article on my first reply, but have changed to point to the correct VMware KB article that shows how to check bi-directional traffic, see: ESXi/ESX host disconnects from vCenter Server 60 seconds after connecting (1029919) | VMware KB
To verify if bi-directional traffic is allowed:
- Download Wireshark from http://www.wireshark.org/ and install it on the vCenter Server system.
- On ESXi, enable Tech Support Mode. For more information on enabling Tech Support Mode, see:
- For ESXi 4.1 and 5.x: Using Tech Support Mode in ESXi 4.1 and ESXi 5.x (1017910)
- For ESXi 4.0: Tech Support Mode for Emergency Support (1003677)
- Download the Python script attached to this article (
udp_client.py) to the ESXi/ESX system in question.
- Edit the
udp_client.pyscript on the ESXi/ESX host using a text editor. Modify the line, "
host = '192.168.1.1'" and replace
192.168.1.1with the IP address of the vCenter Server system.
- Start Wireshark on the vCenter Server system.
- In the Filter field, enter
ip.src==IP_of_host and udp.port==902. Replace
IP_of_hostwith the IP address of the ESXi/ESX host in question.
- Click Apply.
- From the Capture menu, select Interfaces and click Start next to the NIC used for vCenter Server IP traffic.
- From the ESXi/ESX host, run this command:
The total number of packets sent, the port, and the destination address are displayed.
- On the vCenter Server system, watch the Wireshark screen for any packets showing up that match the filter applied.
- If no packets are received, this indicates that something is blocking UDP traffic over port 902 from the ESXi/ESX host to the vCenter Server system. Inspect the physical networking environment and any software-based firewall on the vCenter Server system.
Ensure that these ports are open in the firewall between vCenter Server and the ESXi/ESX hosts:
- 902 - UDP & TCP
- 443 - TCP
Install and use tcpdump like described on the following VMware KB article: How to install tcpdump package on vCenter Server Appliance (2084896) | VMware KB
Steps #8 of the VMware KB that I posted in one of my previous answers says the following:
If no packets are received, this indicates that something is blocking UDP traffic over port 902 from the ESXi/ESX host to the vCenter Server system. Inspect the physical networking environment and any software-based firewall on the vCenter Server system.
So, based you that, you will really need to check if that port is allowed on firewall.
what exact tcpdump should i use?
tcpdump -n host x.x.x.x -vv /tmp/filename.pcap
Like described on VMware KB 2084896 that I posted previously, the tcpdump -i interfacename -w filename should be enough to capture traffic and write to a file.
is it udp 902 on the appliance or esxi host?
or it is tcp 443 on the esxi host?
Port 902 UDP should be open between ESXi host and vCenter to managed host send regular heartbeat to vCenter server. Port TCP 443 must be open too, but that port is for another purpose, and not for heartbeat. See full port documentation here: Network ports required to access vCenter Server, ESXi, and ESX hosts (1012382) | VMware KB