This article provides information on the limitation with the networking configuration of a VMware Cloud on AWS SDDC when using VMware vCenter Cloud Gateway appliance.

Symptoms:
If SDDC is configured with VPN over Direct Connect, or is using VPN for vCenter traffic but has a Direct Connect attached, or is part of an SDDC Group, you experience these symptoms:

• The web console in the VMware vCenter Cloud Gateway for ESXi in SDDC fails to connect.
• VMware Remote Console (VMRC) fails to connect.

This affects:

• Web Console to VMs when using VMware vCenter Cloud Gateway On-Prem.
• VMware Remote Console (VMRC) when using VMware vCenter Cloud Gateway or when using the SDDC’s vCenter web UI.

Once a DX private VIF is connected to an SDDC, or when an SDDC is connected to an SDDC Group, the traffic between the ESXi hosts and On-Prem can only be sent directly over the DX Private VIF or through the SDDC Group.

This is a known limitation for VMware Cloud on AWS SDDCs.

Currently, there is no resolution.

Workaround:
To work around this issue, VMware recommends to use these options for different scenarios:

1. Access the web console by logging in into the SDDC's vCenter Server directly.
2. Configure traffic from the required On-Prem networks and the SDDC management network to route directly over the DX instead of over a VPN tunnel.