vCenter Server behind NAT

Be warned: This configuration is not officially supported by VMware.

If you have your vCenter Server behind NAT, you can not connect your ESXi Host to this Server. It will loose connection after a few seconds to vCenter because vCenter publishes his private IP to the configuration of ESXi.

1. We need an port forwarding of port TCP/UDP 902 from your public IP to the internal IP of the vCenter Server. If you have a Firewall, allow connections only from the IP of your ESXi host.

2. Connect over SSH to the ESXi Host and edit vpxa.cfg with vi:

vi /etc/vmware/vpxa/vpxa.cfg

Configure the following settings:

Insert this tag, if you don’t add this tag and restart the services, it will overwrite the IP again with the private one of vCenter:

<preserveServerIp>true</preserveServerIp>

Replace the private IP of the vCenter Server with the public one:

<serverIp>PublicIPvCenterServer</serverIp>

Restart services:

/etc/init.d/hostd restart

Now the connection should stay stable.

Leave a Reply