
Weird Vcenter/ESXi ip mixed up after a firewall in between was upgraded.

  • 1.  Weird Vcenter/ESXi ip mixed up after a firewall in between was upgraded.

    Posted Feb 09, 2021 06:02 PM

    Hi,
    I have a vCenter in a network that connects to an ESXi in another network.
    I changed the firewall that is found in between the two, two days ago, and all seemed to be working at first.

    Now it says Disconnected in VMware (VCSA version 6.5.0.32000), BUT the weirdest thing is that it does not show the right ESXi IP address anymore in the console: it shows the IP address of the internal firewall!!
    It should show 10.19.80.100 but instead it shows 10.19.203.3, which is not an ESXi but the firewall IP!
    [Screenshot: vcenter5.png]

    (P.S. Disregard the "Disconnected" beside the 10.19.80.100 print screen; it's an old one taken when I had an issue.)
    I don't know why vCenter changed the IP nor how to bring it back to the original.

    I tried adding an ESXi (the real one, 10.19.80.100) but I get a message like "the DB qa-ssd01 is in conflict with another existing DB in the database center that has the same URL ds:///vmfs... but it is saved on a storage system physically different..."
    How can I fix that without deleting the ESXi and re-adding it?
    Thank you very much for the info.



  • 2.  RE: Weird Vcenter/ESXi ip mixed up after a firewall in between was upgraded.

    Posted Feb 11, 2021 01:49 PM

    Anyone have any idea?



  • 3.  RE: Weird Vcenter/ESXi ip mixed up after a firewall in between was upgraded.
    Best Answer

    Posted Feb 19, 2021 07:01 PM

    Hi,
    I had no choice to fix it but to disconnect and reconnect it, and then recreate all the templates and all.
    At least it works now.

    But I can confirm that VMware does change the IP address when a NAT firewall rule change happens, and there is no going back.

    If you'd like, you can test it in your lab.
    Have a vCenter in an environment.
    Connect an ESXi to it using the ESXi IP address.
    Put an ESXi in another network.
    Have a firewall in between with a rule to allow traffic between the two.
    Add NATting to the rule.
    Now the vCenter will list the ESXi as the firewall IP instead of the real ESXi IP, and you won't be able to reconnect even after removing the NAT.