Link to home
Start Free TrialLog in
Avatar of muzzammilhussain
muzzammilhussain

asked on

Firewall between ESX host and vCenter update manager

Hello Experts,

There is an firewall between some of my ESX servers and the vCenter update manager. As results I get the following error every time I run the scan from the update manager for that particular host:

Scan entity
Host cannot download files from VMware vCenter Update Manager patch store.  
Check the network connectivity and firewall setup, and check esxupdate logs for details.

Can someone please advise me the network ports I should open in order to make the update manager work.

Many Thanks,
ASKER CERTIFIED SOLUTION
Avatar of Seth Simmons
Seth Simmons
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of muzzammilhussain
muzzammilhussain

ASKER

Thanks Seth / Dawid,

I have enabled the ports from security profile as you advised but my scan is still failing with the same error. Is there a way to check the logs and find-out more details about the failure.

Many Thanks,
Many Thanks
Mate,

generally you can check the logs on VMware Update Manager server, it's default on:
C:\ProgramData\VMware\Infrastructure\VMware Update Manager\Logs\vmware-vum-server-log4cpp.log

And the scan sometimes may not work because of naming resolution or "failed" installation of VMware Update Manager with stick to IP Address not a FQDN name, or problem with naming resolution (DNS, hosts files) between your pc/laptop when you run vSphere Console and Vmware Update Manager Server, sometimes also ESXi server.

I hope it work for You mate.

regards
NTShad0w
Hello,

I did the comparison between the two ESX hosts. The once that gets the updates and the other that fails. A firewall between the failing host and the update manager was blocking 8084/9084 that has now been resolved.

Many Thanks for making sure that I got the right solution.