vCenter Server/vSphere Client keeps losing connection to ESXi 5 host

if you ping the server, or connect with ssh, do you also lose ping (timeouts) or connectivity?

any firewalls in place?

a continuous Ping shows no problems and I've had problems with my PuTTY session dropping out.

I'm not aware of any firewalls being added recently - if there were wouldn't it just refuse connection from one or all of vSphere, ping and PuTTY?

depends on the firewall, if ssh (tcp, port 22), and SSL (tcp port 443) are having connectivity issues, this is the issue, which leads to firewall issue or rules?

How can I check that the required ports are open and available? Sorry - I need some dummy instructions.

just telnet to IP address 443 and 22, this should stay connected

Hmm. Not familiar with telnet so can't say if what I'm seeing is correct or not but my feeling is 'not'.

If I type telnet 123.123.123.1 443 I just get a blank screen with the cursor top left and not blinking.  If I type the same but using 22 I get 'SSH-2.0-OpenSSH_5.6' and nothing much going on.

Does that provide a big clue?

okay, use telnet as follows:-

telnet <ip address of host server> 22

telnet <ip address of host server> 443

telnet <ip address of host server> 80

and wait, how long do they stay connected?

also run ping  <ip address of host server> -t at the same time as above, does ping timeout, at the same time connection is dropped.

all the above should stay connected, until you exit from telnet program.

OK, will do.

Is the attached what I should expect to see when testing port 22? I was expecting some sort of prompt but this is all I get for this port.

Thanks
Telnet-on-port-22.jpg

Update - with continuous ping going OK the port 22 session reported Connection to Host Lost after a minute or so - which is roughly the same time I can connect to the ESXi host in vSphere. I'll try the other ports now.

All 3 Telnet sessions appear to drop out after 1-2 minutes. Is that down to a possible firewall at the remote hosting site or something I can investigate and change myself?

I tried similar to local ESXi hosts which are connecting OK and saw the exact same behaviour which suggests that what I saw in the previous test was telnet's behaviour and not an indication of an error.

I can still connect fine to the remote host directly using vSphere and by PuTTY - it just seems to be when I logon to our local vCentre Server that I have problems with the connection being dropped after a minute or so.

after the connection has dropped can you connect back to the server okay immediately after?

and if you connect using telnet <ip address> 443 (this is the same port client connects to) it remains connected?

If I'm looking at the vSphere client session which connects to our vCentre Server and shows local and the problem remote host, I can connect to the remote host for maybe 1 minute then it drops out but I can reconnect again straight away.

If I telnet <ip address> 443 I get a blank screen with a static cursor top left of the screen. This drops back to the command prompt after a minute or so and if I repeat the exercise straight away it just does the same thing.

BTW - not ideal I know but just to try and get this working again I've temporarily disabled all firewall settings on the Win2008 box running vCentre Server in case that was hindering things but it didn't seem to help. Another straw grasped........

interesting both you stay connected.

I'll have to open a call with VMware and see if they can shed any light.

After a bit more digging around it seems that the most likely cause is that there is a NAT in use between our office LAN and the LAN that sits behind the hosting company's firewall. There was some configuration required of my firewall but as far as the remote host is concerned I followed this article -

http://www.vmskills.com/2010/09/using-nat-between-vcenter-server-system.html

VMware states that using an ESXi host behind a NAT is not supported which I find rather strange in this day and age. At the time of writing I implemented the changes outlined in the article and the remote host has been connected OK for over an hour now.

I've requested that this question be closed as follows:

Accepted answer: 0 points for funasset's comment #a38751401

for the following reason:

The last post gives the useful information requried to workaround this 'feature'.

In http:#a38726628 I state

"any firewalls?"

In http:#a38726762

I state

"depends on the firewall, if ssh (tcp, port 22), and SSL (tcp port 443) are having connectivity issues, this is the issue, which leads to firewall issue or rules?"

To be honest I don't fully understand (is network address translation the same as firewalls and ports?) but I'll be happy to assign you the points for the help you offered.