VMware Cloud Community
JimmyDean
Enthusiast
Enthusiast
Jump to solution

vSphere Client to another network

Hey all,

What i'm trying to do is connect to my vSphere vCenter Server that is sitting in my lab from the corp lan. I have the following ports open and pointing the that server: 443, 902, & 903.

I can connect to https://ip_of_the_Server/ui/# and it works just find. it's when i open up the console on eather the web client of the vSphere client i get the following message : Unable to connect to the MKS: Host address lookup for server lab-esx9.lab.local failed: No such host is known. I can do a nslookup on the vSphere Server and it finds the host just fine.

Anyone have any ideas?

Thankx!!!!!!

J

Reply
0 Kudos
1 Solution

Accepted Solutions
Troy_Clavell
Immortal
Immortal
Jump to solution

can you access the remote console using the vSphere Client? Is this only an issue with the UI? What browser are you using?

Also, see the KB article, it may have some useful information

http://kb.vmware.com/kb/749640

View solution in original post

Reply
0 Kudos
8 Replies
Rubeck
Virtuoso
Virtuoso
Jump to solution

You need to be able to lookup server lab-esx9.lab.local from where you're launching the Remote Console..... Can you lookup ab-esx9.lab.local from you client PC on your corp LAN?

/Rubeck

Reply
0 Kudos
JimmyDean
Enthusiast
Enthusiast
Jump to solution

I placed the ip/name in my lmhosts file because I was thinking that was my issue. I can see all my esx servers and make changes to them. Just when I open a console session on one of the vm's that is when i get the error message. LEt me know if i'm doing something wrong. I think I'm missing a port or something.

Smiley Sad

Thanks tho.

J

Reply
0 Kudos
Troy_Clavell
Immortal
Immortal
Jump to solution

can you access the remote console using the vSphere Client? Is this only an issue with the UI? What browser are you using?

Also, see the KB article, it may have some useful information

http://kb.vmware.com/kb/749640

Reply
0 Kudos
Rubeck
Virtuoso
Virtuoso
Jump to solution

You have to make sure that you can reach the ESX server where the VM runs directly on needed ports as a Remote Console goes directly to the ESX host.... it dosn't proxy using the VC server..

/Rubeck.

Reply
0 Kudos
JimmyDean
Enthusiast
Enthusiast
Jump to solution

It seems its just getting the console to work is my problem. I can use the Web client and the vSphere client both do the same thing. i can do everything but opening up the console.

I have the following policy's on my firewall.

dnat to 10.0.0.4:443 inface eth0 dst 192.168.1.174 proto tcp dport 443

dnat to 10.0.0.4:902 inface eth0 dst 192.168.1.174 proto tcp dport 902

dnat to 10.0.0.4:903 inface eth0 dst 192.168.1.174 proto tcp dport 903

Corp: 192.168.1.174 is the vCenter Server

LAB: 10.x.x.x

So anything coming in on corp ip on port # 443, 902 and 903 go to 10.0.0.4

I tried the proxy but it did not work. Smiley Sad

It works if i place the one of my esx server directly. Problem with that is i have 10 esx hosts and i want to use all of what vcenter has to offer.

Thanks for the help so far all!

J

Reply
0 Kudos
Rubeck
Virtuoso
Virtuoso
Jump to solution

Are your ESX hosts being NAT'ed? If so have you tried to edit /etc/vmware/config and add the line "vmauthd.server.alwaysProxy = “TRUE”? But I would say that the error message you're recieving dosn't indicate that sort of error...

/Rubeck

Reply
0 Kudos
JimmyDean
Enthusiast
Enthusiast
Jump to solution

Yes the ESX hosts are being NAT'ed. I have 6 hosts i want to connect to. not just one. It works with just one but i wanted to connect to all 6. so below is what i got in responce to my question when I called vmware directly.

-


DO NOT CHANGE THE SUBJECT LINE if you want to respond to this email.

Hello James,

Thank you for your Support Request.

As per your discussion with us I have mentioned steps below. Please follow the steps and check if it works:

Follow the steps below to change ports 902 or 903 to different

ports(example below changes default port 902 to 9022, and port 903 to

9033):

0. Login to the ESX host Console OS as root

1. Edit /etc/xinetd.d/vmware-authd and change the default port 902 to different port <nnnn>. For example: 9022

2. Edit /etc/xinetd.d/vmware-authd-mks and change the default value to a different port <yyyy>. For example: 9033

3. Edit /etc/vmware/config and change the following line as indicated

authd.client.port = "9022"

4. Edit /etc/services and change as follows:

From

  1. Local services

vmware-authd 902/tcp

vmware-authd-mks 903/tcp

To

vmware-authd 9022/tcp

vmware-authd-mks 9033/tcp

5. Restart xinetd and mgmt-vmware services by running:

#service xinetd restart

#service mgmt-vmware restart

6. Test VI Client and Web Acess login

Looking forward to hearing from you.

Regards,

Deepak Shukla

Technical Support Engineer

VMware Global Support Services

1-877-4VMWARE

1-877-486-9273

Office Hrs: M-F 9am - 6pm MDT

-


After 6 days of phone calls and emails I got the below

responce. Yes that is great i can try changing the port numbers but it

did not work. So in when i emailed back for more help i got the below.

-


Hello James,

Thank you for your Support Request.

I've checked with all of my resources and have verified that

VI Client and Webclient cannot access ESX Server directly (without VC)

when there is NAT configured between VI/webclient and the ESX Server.

It is not a supported configuration. It works perfectly within the same

subnet because NAT doesn't usually is configured there.

The Webclient/VI Client must access the VC if NAT is in place.

Looking forward to hearing from you.

Regards,

Deepak Shukla

Technical Support Engineer

VMware Global Support Services

1-877-4VMWARE

1-877-486-9273

Office Hrs: M-F 9am - 6pm MDT

Reply
0 Kudos
JimmyDean
Enthusiast
Enthusiast
Jump to solution

Troy was 100% correct. My only issue was I did not give the vCenter server a second nic and full access to my corp network. I was trying to have the vcenter server behind the firewall. So I'm glad my issue is resovled.

Thanks to all that posted.

Jimmy

Reply
0 Kudos