VMware Cloud Community
Heartstealer
Contributor
Contributor
‎02-26-2009 09:01 AM

Configuring HA Stuck at 50%. What are the ports to be opened on FW?

Hi Guys,

I have recently migrated my ESX Servers into a new datacenter. Its only a physical movement of the servers. However, when i connect the vCenter management server to the ESX Servers. They have intermitten connection problems and when the got attached to my cluster in VC which is HA enabled the HA configuration on each host is stuck at 50%.

Please note that vCenter server and ESX Servers are on different VLANS. Is that ok or not recommended? The Service Console is on a different VLAN, vmkernel is on a different VLAN and so is the production network which will be used by VMs. I hope seperating the VMK and SC is not a concern.

What are the ports thats important to be opened for communication :

Ports which needs to be open in between ESX Servers for vmotion, management etc?

Ports which need to be open between ESX Servers and outside world to allow management and connectivity if the VC goes down?

Ports which needs to be opened between the ESX Servers and the vCenter server for management.

Ports which needs to be opened between physical servers and my vCenter server (its installed with converter enterprise) for P2V

Ports which needs to be opened between my vCenter server (its installed with converter enterprise) and ESX for putting VMs as a result of P2V.

Any other ports which you guys think is important and should be opened on the firewall and please mention the purpose if you could. My vCenter server also has an update manager.

I am searching documentation and find it really confusing.

Any help in this regard is very much appriciated.

Thanks

Rahul

0 Kudos
3 Replies
vistaphotos
Enthusiast
Enthusiast
‎02-26-2009 12:21 PM

Ports are detailed in Table 10-1 of http://www.vmware.com/pdf/vi3_35/esx_3/r35u2/vi3_35_25_u2_3_server_config.pdf

You need to be able to ping from each ESX to every other ESX in the cluster AND VC using short hostname and FQDN. Similarly you need to be able to ping from VC to each ESX in the cluster by short hostname and FQDN.

Heartstealer
Contributor
Contributor
‎02-26-2009 01:17 PM

I got the ports identified. However, in my VLAN i have disabled ICMP is it a required port for the HA or its only that it should resolve with FQDN and short name?

0 Kudos
satishgte
Enthusiast
Enthusiast
‎02-27-2009 03:08 AM

Hi

HA need name resolution with all hosts including VC. so you please enter hostname to you DNS host entry or enter with hosts file of every ESX server and Virtual Center Server.

Thanks