Hi. I'm running SRM 5.1.1 with vCenter 5.1 Update 1. Primary and secondary sites separated by physical firewalls. I've followed the kb on ports:
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1009562
I've tested with telnet and I can successfully connect from primary SRM to remote vCenter over 80, and vice versa from remote SRM to primary vCenter. Each vCenter can successfully communicate with their own local SRM server over 8095. In the primary vCenter I'm able to successfully establish reciprocity, and after I'm prompted for the remote vCenter creds, I see both sites successfully connected.
Now, when I hop over to the remote vCenter (recovery site) I'm able to establish reciprocity between both sites, but when the prompt comes up to enter creds for the remote vCenter (primary site), I get an error that comes back as "Unable to connect to the remote server"
Not sure where the issue resides. Any help most appreciated.
Thanks
Hi Stefan. Thanks for the reply. I just resolved the issue. I asked our firewall guy to create a rule from the recovery side vCenter to the protected side vCenter over port 80/443. So, vCenter to vCenter. After he created that rule, my recovery side shows both sites as connected. Now, the odd thing is that according to the SRM firewall rules kb, there is no vCenter to vCenter rule:
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1009562
The only reason I asked him to add this rule was because for whatever reason that was open from protected vCenter to recovery vCenter (port 80/443) and the protected side SRM plugin was successfully showing as connected. Probably a good idea to include this for future reference.
Thanks
Hello
It seems that what is missing is the ability to establish connection from the machine where you run the vSphere Client on the recovery site to either vCenter or SRM on the protected site (port 80 and 443 for vCenter and port 8095 for SRM). Do you believe you have this covered in your firewall rules?
Best Regards
Stefan
Hi Stefan. Thanks for the reply. I just resolved the issue. I asked our firewall guy to create a rule from the recovery side vCenter to the protected side vCenter over port 80/443. So, vCenter to vCenter. After he created that rule, my recovery side shows both sites as connected. Now, the odd thing is that according to the SRM firewall rules kb, there is no vCenter to vCenter rule:
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1009562
The only reason I asked him to add this rule was because for whatever reason that was open from protected vCenter to recovery vCenter (port 80/443) and the protected side SRM plugin was successfully showing as connected. Probably a good idea to include this for future reference.
Thanks