VMware Cloud Community
fsckit
Enthusiast
Enthusiast
‎12-29-2014 11:13 AM

remote esxcli Connection failure


Running remote esxcli commands from our vMA against some of my ESXi 5 hosts fails with: "Connect to <hostname> failed: Connection failure"

If I use a Perl script on the vMA to make a TCP connection on port 443 of the host, it fails.  (Most hosts pass this test.)

Am I right to assume this is a network firewall issue?  I can connect to these hosts from our vCenter server just fine, and if I use vSphere Client to turn on SSH on these hosts, I can ssh from the vMA to the hosts just fine. I can run the esxcli commands on the hosts, just not remotely, from the vMA.  Anything I should check before I point fingers at the group that manages our firewalls?

Tags (3)
0 Kudos
4 Replies
GreatWhiteTec
VMware Employee
VMware Employee
‎12-29-2014 11:45 AM

I believe you need port 902 open at least for older versions of vMA, port 443 is required. Do a telnet test on that port.

0 Kudos
fsckit
Enthusiast
Enthusiast
‎12-29-2014 11:50 AM

Port 902 does not seem to be correct.  I cannot connect to that port even on the hosts where remote esxcli commands are working. 

0 Kudos
GreatWhiteTec
VMware Employee
VMware Employee
‎12-29-2014 11:54 AM

Older version... Port 443 per latest docs.

VMware KB: TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, an...

0 Kudos
fsckit
Enthusiast
Enthusiast
‎12-29-2014 12:03 PM

Thanks. Yes, I was reading that document. I had hoped to find something specific mentioning esxcli or the vMA.  I guess it uses the same port and protocol to connect to the host as the vSphere Client does.

0 Kudos