VMware Cloud Community
andvm
Hot Shot
Hot Shot

Access SDDC ESXi Hosts on HTTPS from HCX L2 Extended Network

Got HCI Bench and also a test VM in a HCX L2 Extended Network but both can only reach the SDDC VCSA on ICMP and HTTPS.

MON is enabled on the extended L2 networks and necessary firewall rules are in both outbound on Compute Gateway and Inbound on Management Gateway, any idea or known issue? (This is for HCI Bench as it needs to reach the ESXi Hosts on HTTPS as part of the validation)

Reply
0 Kudos
3 Replies
AsafBlubshtein
VMware Employee
VMware Employee

Most likely you need to create rules that will allow the HCIBench VMs access to the ESXi hosts. This article explains the rules that need to be created:

https://blogs.vmware.com/virtualblocks/2018/11/28/measuring-performance-in-vmware-cloud-on-aws/

The screenshots are a bit out of date but the rules still apply.

andvm
Hot Shot
Hot Shot

ended up deploying HCX in dedicated routed segment for both its interfaces and worked fine

Bogdan_Ionut
Contributor
Contributor

Check for any MON status or health indicators within HCX Manager or the HCX plugin in vCenter. Just curious if MON (Network Extension) is properly configured and functioning for the extended L2 networks.

Did you performed any ping test and attempt HTTPS connections from HCI Bench and the test VM directly to the ESXi hosts within the extended L2 networks. This helps confirm if the issue lies in connectivity beyond ICMP and HTTPS to the VCSA.

Reply
0 Kudos