VMware Cloud Community
BillStoker
Contributor
Contributor
‎12-30-2013 12:30 PM

Trouble saving IPMI settings on one host in vSphere Essentials

We have vSphere Essentials using the vCenter Server Appliance (VCSA) with two Dell PowerEdge R805 hosts. Both have identical hardware configurations and are generally working fine. Because these systems don't include the full Dell Remote Access Controller (DRAC or iDRAC) option, we'd hoped to utilize the Baseboard Management Controller (BMC) for IPMI feature set for remote power controls from within vSphere client, rather than some third-party Windows-based IPMI utility we'd never use otherwise.

I've confirmed they are both configured correctly and I can connect using a third-party IPMI utility to both.

On one host, I was able to fill out the settings under Host -> Configuration tab -> Software -> Power Management and when clicking Properties provide the Username, Password, BMC IP Address, and BMC MAC Address, and was able to save when I clicked OK.

On the other host, I get a "Connection Error" dialog and it states the request failed because the remote server took too long to respond.

Any ideas?

Reply
0 Kudos
6 Replies
dhanarajramesh
Expert
Expert
‎01-01-2014 01:35 AM

Ensure that the firewall is open for communication between vCenter and BMC. Communication between the iDrac and the vCenter server is done via port 623, so ensure that this UDP port is open.

Reply
0 Kudos
OscarDavey
Hot Shot
Hot Shot
‎01-01-2014 01:59 PM

As mentioned here the firewall might be blocking the port between Vcenter and BMC .


These ports are mandatory:

  • 22 - SSH (TCP)
  • 53 - DNS (TCP and UDP)
  • 80 - HTTP (TCP/UDP)
  • 902 - vCenter Server / VMware Infrastructure Client - UDP for ESX/ESXi Heartbeat (UDP and TCP)
  • 903 - Remote Console (UDP)
  • 443 - Web Access (TCP)
  • 27000, 27010 - License Server (Valid for ESX/ESXi 3.x hosts only)

These ports are optional:

  • 123 - NTP (UDP)
  • 161, 162 - SNMP (UDP)
  • 88 - Kerberos (UDP and TCP)
  • 464 - Active Directory (TCP and UDP)
  • 3260 - Software iSCSI (TCP)

For a complete list of ports, see TCP and UDP Ports for vCenter Server, ESX/ESXi hosts, and other network components management access....

Yours, Oscar

Reply
0 Kudos
BillStoker
Contributor
Contributor
‎01-02-2014 11:44 AM


Thank you both for your suggestions. I don't see either host having UDP 623 open for outbound, which I assume is the direction I'd be looking at. In fact they have the exact same configuration listed under Configuration -> Software -> Security Profile for both Services and Firewall sections.

Any other ideas?

Reply
0 Kudos
BillStoker
Contributor
Contributor
‎01-02-2014 12:38 PM

Also, I looked and don't see an option when I click Properties for the Firewall to open a custom port and none of those listed seem to have UDP 623 Outbound as an option.

Note I just tried this on another vCenter datacenter with three hosts. Of the two with configured remote access controllers, I can get it to work on the HP system with an iLO 2, but not on a Dell PowerEdge R420 running an iDRAC 7 Enterprise, which I thought would support BMC calls like the iLO does.

Reply
0 Kudos
BillStoker
Contributor
Contributor
‎01-02-2014 01:00 PM

After reconfiguring the iLO in another HP host in one of the datacenters, I was also able to set the IPMI/BMC settings on that host. So both of my HP servers let me configure IPMI, but only one of three Dell servers (one of the two with just BMC) will allow configuration. The other two Dells, one with iDRAC 7 Enterprise and one with plain BMC, will not allow configuration. Both return same error mentioned in original post in this thread.

Reply
0 Kudos
BillStoker
Contributor
Contributor
‎01-02-2014 01:07 PM

Issue on iDRAC 7 was needing to enable IPMI over LAN.

I still have the R805 with BMC only (no iDRAC/DRAC) which won't accept configuration. I can confirm the BMC IP address and MAC address in the Hardware Status tab, and know I can use IPMI utilities to contact and interact with this BMC from another host.

Suggestions?

Reply
0 Kudos