VMware vCenter server behind NAT

Some of you might be running a vCenter server behind a firewall / router performing NAT. If this is the case you might have encountered issues with external ESX hosts.
the vCenter ‘polls’ the hosts every 20 – 30 seconds to see if the host is still alive. If you are behind NAT the hosts will respond to this heartbeat but will send the response to the internal IP of your vCenter server.

To tackle this issue simply set up port forwarding on your router / firewall for udp port 902 and edit /etc/vmware/vpxa/vpxa.cfg
Look for the line with serverIp

This will contain your internal IP of the vCenter server.
Change this line with your external IP and add the folowing line below:


restart the services

services.sh restart

and reconnect the host in your vCenter server. You might get a warning that this host is currently managed by … . You can safely ignore this warning.

Reference: VMware KB1010652

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.