Labels

Wednesday, June 22, 2011

Can’t connect to a specific ESX/ ESXi host with the vSphere Client



Can’t connect to a specific ESX/ ESXi host with the vSphere Client
 Check the following 6 questions
1)   Have the basic requirements for management communications been met?
There are standard requirements for the configuration of ESX/ESXi hosts to allow management communications. Check the following items:
  • ESX hosts must have a service console port (vswif) on the same LAN that the vSphere Client system is connected to or on a LAN with a network route to the LAN the vSphere Client is connected to.
  • The IP address and subnet mask should match the correct network configuration of the local LAN.
  • DNS and routing configuration should be correct for the local LAN.
  • VLAN settings should match the VLAN configuration of the local LAN and should allow connection to the vSphere Client system.
  • ESXi hosts must have a VMkernel port (vmk) on the same LAN that the vSphere Client system is connected to or on a LAN with a network route to the LAN that the vSphere Client system is connected to.
  • The VMkernel port must be enabled for management traffic.
  • Is your vSwitch0 management interface (vmk0 for ESXi, vswif0 for ESX0) connected to the correct vmnic interface?

2)   Can you manage the ESX/ESXi host from vCenter Server?
Yes. VMware vCenter™ Server can manage the ESX/ESXi host. But you cannot connect directly with the vSphere Client. Check the following items:
  • Network connectivity between the vSphere Client and the ESX/ESXi host might not be
  • working. This is combined with a network path between vCenter Server and the ESX/ESXi host that is different than the one that you are using between the vSphere Client and the ESX/ESXi host.
  • Confirm that all required firewall ports are open between the vSphere Client and the ESX/ESXi host.
  • Confirm that the vSphere Client is connected to the same LAN that the ESX/ESXi host and vCenter Server are connected to. This includes making certain that any VLAN settings are correct. Access through routed networks is a viable alternative to being on the same LAN, provided that all routers and firewalls pass the required traffic.
  • There might be a problem with the user account and password combination that you are attempting to use. Confirm that the user account and password are valid on the ESX/ESXi host and that they have the required privileges.
  • If this is an ESXi host, confirm that lockdown mode has not been enabled.
  • Does the ESX/ESXi host have network connectivity at all?
  • Confirm that other systems on the same LAN can ping the ESX/ESXi host. See ques  3.
  • Confirm that you can connect with SSH. See question 4.

No. Your vSphere Client can connect to the vCenter Server system, but the vCenter Server system cannot manage or access the ESX/ESXi host.  See question 3.

No. Your vSphere Client cannot connect to the vCenter Server system or to the ESX/ESXi host.
  • Confirm that your vSphere Client has been installed correctly. Confirm that there are no earlier versions of the vSphere Client (especially beta versions) installed on the same system. Consider uninstalling and reinstalling the vSphere Client.
  • Attempt to use your vSphere Client to connect to any other ESX/ESXi host or vCenter Server system. If you cannot use vSphere Client to connect to anything and you are sure that your installation is sound, confirm the network configuration of your vSphere Client system
  • Can you use the browser to connect to the ESX/ESXi host? See question 6.

3)   Can you ping the ESX/ESXi host from some other system on the same LAN?
Use the following procedure to ping a remote ESX/ESXi host from an ESX/ESXi host.
  • From an ESX host:
  • Log in to the ESX host service console.
  • Type ping <IP_address> to ping from a service console port (vswif) interface.
  • Type vmkping <IP_address> to ping from a VMkernel port (vmk) interface.
  • From an ESXi host:
  • Press F2 to log in with the direct console user interface (DCUI).
  • Select Test Management Network.
  • Enter the management IP address of the target ESX/ESXi host. (All pings on ESXi are done from a VMkernel port (vmk) interface.)

Yes. It is possible to ping the ESX/ESXi host from some other system on the same LAN.
  See question 4.

No. The ESX/ESXi host does not have network connectivity. Confirm that your virtual switch configuration for your management networking is valid.
  • Do you have a functioning uplink on the virtual switch that you are using for management  networking?
  • Add an uplink to the virtual switch that you are using for management networking. This will probably have to be done from the service console of the physical console. An example of the commands required to add vmnic1 to vSwitch0 on an ESX host:
  • # esxcfg-vswitch -L vmnic1 vSwitch0
  • Once you have added the uplink, you must restart the management daemon by typing
  • service mgmt-vmware restart.
  • Do you have the correct uplink on the virtual switch that you are using for management networking? Remember that labels like “vmnic0,” “vmnic1,” and “vmnic2” are logical labels.
  • Just because an uplink is labeled “vmnic0” on your host does not mean it is the same physical
  • NIC as uplinks labeled “vmnic0” on other hosts.
  • Use commands like esxcfg-info to determine exactly which vmnics are seeing which IP traffic ranges.
  • Once you determine which vmnic is the correct uplink, disconnect the incorrect uplink and reconnect the correct uplink. For example, if vmnic0 were incorrect and vmnic1 should be the uplink for vSwitch0, you would use the following commands:
  • # esxcfg-vswitch -U vmnic0 vSwitch0
  • # esxcfg-vswitch -L vmnic1 vSwitch0
  • # service mgmt-vmware restart
  • Do you have multiple NICs (NIC teaming) serving as uplinks on the virtual switch you are trying to use for management networking? If so, are both physical NICs on the same physical LAN?
  • If two physical NICs are on different LANs, half of your network communications might be lost on the wrong network.
  • Disconnect any extra teamed vmnics that are located on separate physical LANs. For example, if you had vmnic0 and vmnic1 both teamed to vSwitch0 and vmnic1 were located on a separate, nonmanagement LAN, you could disconnect it with the following commands:
  • # esxcfg-vswitch -U vmnic1 vSwitch0
  • # service mgmt-vmware restart
  • Are any VLAN settings in place that might cause connectivity issues? VLAN settings are critical. If VLANs are supposed to be present and they are not, the virtual switch will fail to read the VLAN tags on incoming traffic properly. Traffic will never be passed from the physical switch to the correct virtual switch port group. If VLAN settings are not supposed to be present and they are, the physical switch will drop all the outgoing network traffic from the virtual switch port group. This is because there will be no physical ports configured for this “nonexistent VLAN.” In both cases, the result is the same: no communication. It is just as bad as having the virtual switch connected to the wrong vmnic.
  • The following command would remove any VLAN tag settings from port group SC2 on vSwitch1:
  • # esxcfg-vswitch vSwitch1 -p SC2 -vlan=
  • The following command would add a VLAN tag of 100 to port group SC2 on vSwitch1:
  • # esxcfg-vswitch vSwitch1 -p SC2 -vlan=100
  • If your virtual switch configuration appears valid and you still do not have network connectivity, see question 5.

4)   Can you connect to the ESX/ESXi host with SSH from some other system on the same LAN?
Yes. It is possible to connect to the ESX/ESXi host with SSH from some other system on the same LAN.
  • Attempt to restart the hostd daemon and other processes. On an ESX host, type service mgmt-vmware restart in the service console. On an ESXi host, use the following procedure:
  • Connect directly to the server console in the DCUI.
  • Select Restart the Management Agents.
  • If manually attempting to restart the daemons fails, reboot the ESX/ESXi host. See question 2.
No.
See question 3.
If it is possible to ping the ESX/ESXi host but not to connect with SSH, see “You cannot connect to a specific ESX/ESXi host with SSH.” In my blog

5)   Can you log in to the ESX/ESXi host directly with the root account on the console?
Yes. The ESX/ESXi operating system is running and the root account is working. The problem might be the networking processes.
  • Attempt to restart the networking processes from the console. You can use the command /etc/ init.d/network restart in an ESX host service console. On an ESXi host, use the following procedure:
  • Connect directly to the server console in the DCUI.
  • Select Restart Management Network.See question 2.
  • If you have tried to restart networking and you still cannot make a network connection, confirm that there is no problem with your physical network connections, NICs, switches, or other physical network hardware.
  • Solve any physical network problems. See question 2.
No. You cannot log in to the ESX/ESXi host directly with the root account on the console.
  • Your system is hung or has a hardware problem. Attempt to power off and then power on.
  • You do not have the correct password for the root account or the root account might be deleted or damaged. Attempt to use some other account with root privileges. If you do not have a second account with root privileges, reinstall the ESX/ESXi host.

6)   Can you log in to the ESX/ESXi host directly with the Web browser on the vSphere Client system?
Yes. You can log in to the ESX/ESXi host directly with a Web browser on the vSphere Client system. This demonstrates good network connectivity between your vSphere Client system and the ESX/ESXi host. There might be a problem with the vSphere Client software. Uninstall and reinstall the vSphere Client.
No. You cannot log in to the ESX/ESXi host directly with a Web browser on the vSphere Client system.
  • See “You cannot connect to a specific ESX/ESXi host with the vSphere Web Access console.”
  • Once you have restored Web console access, see question 1.

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)