I'm creating a replicated scenario were two sites involved. Both are running vSphere 6 with a separated vCenter installation. Both are using the same Active Directory as a identity source within SSO. Both sites are licensed with Essentials plus which includes vSphere Replication. When I try to setup replication between the both, I got the following error message:
I think i got the message because both sides are using the same AD as a identity source within SSO. How could i solve this?
I had a similar situation when i was working with SRM 5.8 in a lab , you should try a refresh and check the Proxy setting of your browser , Make sure you enter the correct URL of the target site .
if you still facing issue let me know .. i can do a research and let you know the results ..
Have tried it again without using a proxy and knowing I'm using the correct fqdn, but still facing the issue.
Hi,
if both sites uses the same SSO domain you should chose "Connect to a local site" option at the Target sites connection ...
If above is your case please post VR and VRMS logs they are located here:
VRMS logs (hms*.log ) are located at /opt/vmware/hms/logs
VR logs (hbrsrv*.log ) are located at /var/log/vmware
Double check:
1. That you have all required ports open between both sites on firewall especially port 31031 which is used for the initial replication traffic, for complete list of required ports see:
VMware KB: Port Numbers that must be open for vSphere Replication 5.8.x and 6.0
2. That there is no DNS resolution issues with the FQDN of vCenter servers and verify CN and SAN on VC certificates ...
They are not using the same SSO Domain, but are using the same active directory. This is because using the Essentials Plus license which with previous releases couldn't be using Linked Mode.
There are two sites, with two implementations of the VCSA which are both using there own SSO domain, but are using both the same Active Directory domain. When trying to connect to a local site the following is showed:
I have checked the ports and they are opened, when trying to setup a telnet session from the ESXi host to the VRP appliance the connection timed out. When trying from an other station the telnet to VRP works correctly. On the ESXi host the HBR ports are active and opened.
Arjan
sorry I missed the license info in your initial post...
So first if you have a two separate SSO domains "Connect to a remote site" is the correct option exactly as it is on your screen shot.
Next step is to type correctly IP/FQDN of the server on the target site where PSC is running...for successful registration with target PSC
you need credentials of the DR site SSO domain user who has VRM remote.Manage VRM priviledge assigned (i.e. -> VRM administrator User Role).
The last but not least step is to verify that traffic between ESXi host (its VR agent) on primary site to VR Appliance at DR site is routed properly ...
By default vSphere Replication is using ESXi management interface to send replication traffic to the VReplication appliance on the DR site. (its also possible to separate VR traffic from mgmt network)
Please post hbrsrv.log and hms.log
In addition to the HBR ports you need also:
Default Port | Protocol or Description | Source | Target | Endpoints or Consumers |
80 | TCP | vSphere Replication appliance | Remote vCenter Server | All management traffic to the vSphere Replication appliance goes to port 80 on the vCenter Server proxy system. |
80 | HTTP | vSphere Replication appliance | Remote ESXi host | Used to establish the connection before initial replication starts |
I was able to solve the issue. A wrong default gateway on the VCSA causes the problem. It could connect to other services but not with the replication appliance on the target site.
Thanks for your support