Hello,
I am new to vCenter and trying to learn. Right now I am trying to add a new host onto my vSphere Client.
I am on version 6.7 for my VCSA and have a trial license for the moment.
Our ESXi Hosts are on version 6.7 as well.
--
Workflow for Attempting to Add a Standalone Host on my vCenter:
1. Created a new datacenter and named it "ESXi Hosts".
2. Now when I click to add a 'New Host' -
3. I get prompted to connect to what server so I put in my ESXi host IP address.
4. Then enter the credentials to log into that ESXi host.
5. Confirm the certificate.
6. Get a preview of the ESXi host of its model, version, vendor, and current VMs that are on that host.
7. Assign a license - I am assuming since I am on a trial that the only available license that is shown is the license to the Hypervisor so I kept it as selected then I clicked next.
8. For Lockdown mode, I have it set to disabled.
9. The VM location screen just to confirm to me that it will go to my new datacenter I created.
10. Lastly, click Finish.
--
I see that the Recent Tasks is showing a status at 80% and does not move until it ultimately fails and throws me the error of: "Cannot contact the specified host. The host may not be available on the network, a network configuration problem may exist, or the management service on this host is not responding."
--
I have also coordinated with my firewall team to open up these ports as bi-directional traffic (per the VMware documentation I followed - https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.install.doc/GUID-925370DD-E3D1-455B-81C7-CB28AAF20617.html) between my vCenter appliance server (1 total) and all of my ESXi hosts (6 hosts in total):
22 - TCP - System port for SSHD
53 - DNS Service
80 - TCP - Direct HTTP connections
88 - TCP - Active Directory server
389 - TCP - LDAP port for Directory services for vCenter Server group
443 - TCP - vCenter listens for connection from vSphere Client
514 - TCP/UDP - vSphere Syslog Collector
636 - TCP - vCenter Single Sign-On LDAPS
902 - TCP/UDP - Port used for vCenter to send data to managed hosts (ESXi heartbeat)
903 - TCP - Remote access to VM console
1514 - TCP - vSphere Syslog Collector TLS port for vCenter Server on Windows and vSphere Syslog Service TLS port for appliance
2012 - TCP - Control interface RPC for vCenter SSO
2014 - TCP - RPC port for all VMCA (VMware Certificate Authority) APIs
2015 - TCP - DNS management
2020 - TCP/UDP - Authentication framework management
5480 - TCP - Appliance Management Interface
6500 - TCP/UDP - ESXi Dump Collector
6501 - TCP - Auto deploy services
6502 - TCP - Auto deploy management
7080, 12721 - TCP - Secure Token Service
7081 - TCP - VMware Platform Services Controller Web Client
7475, 7476 - TCP - VMware vSphere Authentication Proxy
8200, 8201, 8300, 8301 - TCP - Appliance management
8084 - TCP - vSphere Update Manager SOAP
9084 - TCP - vSphere Update Manager Web Server
9087 - TCP - vSphere Update Manager Web SSL
9443 - TCP - vSphere Client HTTPS
--
With those ports being open - I tried to log into the appliance's shell and executed the command: "curl -v telnet://[IP address of an ESXi Host]:902" as a test and I got a connection timed out - failed to connect to [IP address]:902.
--
Questions I have:
1. Do I need to have a license that is NOT a trial/evaluation license in order to add new hosts to my vCenter/vSphere Client?
2. Should I be testing telnet on the ESXi host / shell to my vCenter appliance instead?
3. Any additional configurations on the VCSA or ESXi Host that need to occur in order to establish connection?
4. Are there any additional ports that I have missed that are required to be open?
5. What is the resolution or workaround to resolve me adding new hosts to my datacenter?
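
The single curl test on port 902 described in the post can be extended to every host and port pair, recording how each attempt fails: a timeout means nothing answered (typical of a firewall silently dropping traffic), while a refusal means the host was reached but nothing is listening. This is an added example, not part of the original post or VMware's tooling. It assumes Python 3 is available where it is run; the host addresses are constructed placeholders and the function names are hypothetical.

```python
import errno
import socket

# Constructed sample targets (documentation-range addresses, not real hosts).
ESXI_HOSTS = ["192.0.2.11", "192.0.2.12"]
# TCP ports taken from the post's list; UDP cannot be checked with a connect().
PORTS = [443, 902]


def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and classify how it ended."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"          # handshake completed, a service is listening
    except socket.timeout:
        return "timeout"       # no reply at all: dropped on the path or host down
    except ConnectionRefusedError:
        return "refused"       # RST came back: path is open, nothing listening
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"   # routing problem or ICMP error returned
        return "error: %s" % exc
    finally:
        s.close()


def survey(hosts, ports, timeout=3.0):
    """Probe every host/port pair and return {(host, port): state}."""
    return {(h, p): probe(h, p, timeout) for h in hosts for p in ports}


def summarize(results):
    """Group pairs by state so a firewall request can name exact flows."""
    by_state = {}
    for (host, port), state in sorted(results.items()):
        by_state.setdefault(state, []).append("%s:%d" % (host, port))
    return by_state


if __name__ == "__main__":
    for state, pairs in summarize(survey(ESXI_HOSTS, PORTS)).items():
        print("%-12s %s" % (state, ", ".join(pairs)))
```

Running it in both directions (from the appliance toward the hosts, and from a host toward the appliance) shows whether the rule set is actually bi-directional.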