Hello and welcome to the forums,
the error message suggests that the target vCenter cannot connect to the source vCenter server.
Can you check the network settings and try if the two machines can ping each other?
Thanks a lot for the reply. There is ping between the source and the destination vCenters. So port 443 is opened as well. More details are listed below.
Please let me know, if you need more details.
vCenter VPN IP: 10.227.88.18
vCenter VPN IP : 10.217.91.253
There are no network restrictions between the 2 vCenters.
Confirmation for that is that the
Destination vCenter -> Source vCenter
admin@photon-machine [ ~ ]$ ping 10.227.88.18
PING 10.227.88.18 (10.227.88.18) 56(84) bytes of data.
64 bytes from 10.227.88.18: icmp_seq=1 ttl=127 time=188 ms
64 bytes from 10.227.88.18: icmp_seq=2 ttl=127 time=191 ms
64 bytes from 10.227.88.18: icmp_seq=3 ttl=127 time=187 ms
64 bytes from 10.227.88.18: icmp_seq=4 ttl=127 time=187 ms
64 bytes from 10.227.88.18: icmp_seq=5 ttl=127 time=187 ms
64 bytes from 10.227.88.18: icmp_seq=6 ttl=127 time=226 ms
--- 10.227.88.18 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5006ms
rtt min/avg/max/mdev = 187.142/194.753/226.003/14.051 ms
admin@photon-machine [ ~ ]$ ifconfig
eth0 Link encap:Ethernet HWaddr 52:51:ed:52:d4:1f
inet addr:10.217.91.253 Bcast:10.217.91.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6946649 errors:0 dropped:330 overruns:0 frame:0
TX packets:6696227 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:9468729698 (9.4 GB) TX bytes:1141783962 (1.1 GB)
admin@photon-machine [ ~ ]$ curl -v telnet://10.227.88.18:443
* Rebuilt URL to: telnet://10.227.88.18:443/
* Trying 10.227.88.18...
* Connected to 10.227.88.18 (10.227.88.18) port 443 (#0)
Source vCenter -> Destination:
Pinging 10.217.91.253 with 32 bytes of data:
Reply from 10.217.91.253: bytes=32 time=187ms TTL=63
Reply from 10.217.91.253: bytes=32 time=193ms TTL=63
Reply from 10.217.91.253: bytes=32 time=195ms TTL=63
Reply from 10.217.91.253: bytes=32 time=188ms TTL=63
Ethernet adapter Ethernet 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-FF-62-40-F3-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1de9:84ab:db5c:f559%7(Preferred)
IPv4 Address. . . . . . . . . . . : 10.227.88.18(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Lease Obtained. . . . . . . . . . : Monday, December 10, 2018 11:20:43 PM
Lease Expires . . . . . . . . . . : Tuesday, December 10, 2019 11:20:43 PM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 10.227.88.17
DHCPv6 IAID . . . . . . . . . . . : 33619810
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-68-D4-C4-00-15-5D-85-01-0A
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
NetBIOS over Tcpip. . . . . . . . : Enabled
PS C:\Users\Administrator> Test-NetConnection -ComputerName 10.217.91.253 -Port 443
ComputerName : 10.217.91.253
RemoteAddress : 10.217.91.253
RemotePort : 443
InterfaceAlias : Ethernet 2
SourceAddress : 10.227.88.18
TcpTestSucceeded : True
You need to further explain your networking setup. It looks very much "non standard" :-)
I see "VPN" there, and I see that you are using OpenVPN on the Windows source vCenter server.
I guess that server has a different IP when OpenVPN is not active, and vCenter might try to use that original IP for communication.
Hey Andreas, this is indeed the situation. The vCenter was deployed, before installing OpenVPN, which is used to access the destination vCenter. Further more we tried to sync a test content library from the Destination vCenter with the source, it worked perfectly fine and confirms the suggestion that the source vCenter is trying to use its original IP, instead the VPN's.
Is it possible to fix that, or we need to build a new vCenter ?
You can try to change the "vCenter Managed IP address" as per VMware Knowledge Base
However, the vCenter server will then probably lose the ability to talk to the ESXi hosts that it manages. The same situation will occur when you re-install vCenter using the VPN IP.
I guess it is not a good idea to run the VPN client on the vCenter server, and for sure it is completely unsupported.
Instead you should use another server (e.g. a VPN appliance) to do the VPN connection and route any access to the remote vCenter through this server (by adding static routes on the source vCenter server).