VMware vSphere

 View Only

  • 1.  Does ESXi limit incoming connection based on network?

    Posted Jul 15, 2015 03:00 PM

    Hi I have setup ESXi's vkm0 for management on 192.168.20.20 but when I try to connect from 192.168.50.2 with vSphere client there is no response.  However when I try to connect from 192.168.20.233 there is a response.  Is there some kind of security feature to limit which network it will accept management connection from?



  • 2.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 15, 2015 03:15 PM

    I believe you should make sure that your different subnets have the reachability to each other.

    Did you tried to ping and telnet the ESXI host from 50.X subnet machine.

    same subnet is reachable reason a visibility in same subnet . This should be a problem in your network configuration in you design.



  • 3.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 16, 2015 12:11 AM

    Like already stated above, you should make sure that the network 192.168.50.x can reach (has a route) for network 192.168.20.x and that default gateway address is configured on ESXi and your managemtn station.

    And if there is a firewall between this two network, you should open ports to allow the vSphere Client connect to your vSphere host: VMware KB: Required ports for ESXi 5.1.x



  • 4.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 16, 2015 03:09 PM

    Sorry I need to clarify.

    1. I am at 192.168.50.2.
    2. I am trying to reach ESXi at 192.168.20.20 via either Putty or vSphere client.  Both failed.
    3. I tried to do a test and Putty to another device at 192.168.20.233.  This worked.
    4. I tried to then Putty to ESXi from 192.168.20.233.  This also worked.

    Question is why am I able to reach 192.168.20.233 but not ESXi at 192.168.20.20?



  • 5.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 16, 2015 03:25 PM

    hi,

    can can you ping between the two hosts ? Have you checked your gateway on the ESXi host ?

    It sounds to me like the gateway is the most likely here

    RIch



  • 6.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 16, 2015 04:05 PM

    Hi thanks.  It was indeed due to the routing table on ESXi.  It works now after I have executed the following command.

    esxcli network ip route ipv4 add --gateway 192.168.20.1 --network 192.168.50.0/24

    Not sure if this is persistent across reboot but I have added it to the following file anyway.

    /etc/rc.local.d/local.sh



  • 7.  RE: Does ESXi limit incoming connection based on network?

    Posted Jul 16, 2015 04:08 PM

    For the record, I found the following resources helpful.

    VMware KB: Configuring static routes for vmkernel ports on an ESXi host

    http://www.tunnelsup.com/networking-commands-for-the-vmware-esxi-host-command-line

    VMware KB: Modifying the rc.local or local.sh file in ESX/ESXi to execute commands while booting

    Unfortunately this must be done on the CLI because the vSphere client only let's you update the default route, and I'm not sure if anyone has this problem as well, my vSphere client can only display some of the text.  So in this case it displayed the first octet of the default gateway's IP address under the host's Configuration tab -> DNS and Routing -> Properties -> Routing tab.