"Error connecting to host.: Set error flag: retriable; Failed to create NFC connection to 902 via ip Any: SSL required; establish nc connection on host-XX" Error configuring VM replication
book
Article ID: 325696
calendar_today
Updated On:
Products
VMware Live RecoveryVMware vSphere ESXi
Issue/Introduction
Symptoms:
After configuring Replication for a VM, its replication status is showing as Non-Active
In the VM's Summary, an error status similar to the following is shown:
"Error for (diskId: "RDID-xxxx"), (flags: on-disk-open, retriable): Error connecting to host.: Set error flag: retriable; Failed to create NFC connection to <IP> 902 via ip Any: SSL required; establish nfc connection on host-XX; Tried operation 4 times, giving up"
In the vmware-vum-server-logcpp.log file, you see entries similar to:
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Cause
This issue occurs when SSL authentication is disabled on target site ESXi hosts, for port 902. SSL authentication is enabled on ESX/ESXi hosts by default.
Resolution
To resolve this issue, re-enable SSL authentication for ESXi hosts on port 902, from the vSphere Web Client:
Open the vSphere Web Client and select the host in the inventory.
Click the Settings tab, and select Advanced System Settings under System.
Search for SSL, select the Config.Defaults.security.host.ruissl setting and click the Edit icon.
To enable SSL authentication from vSphere Client:
Directly connect to the host using the vSphere Client.
Click the Configuration tab.
Under Software, click Advanced Settings.
Expand Config > Defaults.
Expand Security and select host.
Select the option to enable SSL authentication.
To enable SSL authentication using Tech Support Mode or the ESXi Shell:
Connect directly to the host as a user with root privileges. The ESXi 5.0 host can be accessed using Tech Support Mode (TSM). ESXi 5.1 and later include the ESXi shell.
Open the /etc/vmware/config file using a text editor.
Locate the security.host.ruissl entry.
Change the value of security.host.ruissl from FALSE to TRUE.
If it is set to no, change it to yes.
Note: If the security.host.ruissl entry is not available in the /etc/vmware/config file, add the entry and set it to TRUE.