Got HCI Bench and also a test VM in an HCX L2 Extended Network, but both can only reach the SDDC VCSA on ICMP and HTTPS.
MON is enabled on the extended L2 networks and the necessary firewall rules are in, both outbound on the Compute Gateway and inbound on the Management Gateway. Any idea or known issue? (This is for HCI Bench, as it needs to reach the ESXi hosts on HTTPS as part of the validation.)
Most likely you need to create rules that will allow the HCIBench VMs access to the ESXi hosts. This article explains the rules that need to be created:
The screenshots are a bit out of date but the rules still apply.
Check for any MON status or health indicators within HCX Manager or the HCX plugin in vCenter. Just curious if MON (Network Extension) is properly configured and functioning for the extended L2 networks.
Did you perform any ping tests and attempt HTTPS connections from HCI Bench and the test VM directly to the ESXi hosts within the extended L2 networks? This helps confirm if the issue lies in connectivity beyond ICMP and HTTPS to the VCSA.