Unable to configure HA due to Firewall being disabled on the DNS client of the Host
search cancel

Unable to configure HA due to Firewall being disabled on the DNS client of the Host

book

Article ID: 405028

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • /var/log/vmware/vpxd/vpxd.log

2025-07-21T07:20:10.435Z info vpxd[136168] [Originator@6876 sub=vpxLro opID=m82ufwsg-7645279-auto-4jv4w-h5:70751502-26-01] [VpxLRO] -- FINISH task-232524
2025-07-21T07:20:10.435Z error vpxd[136168] [Originator@6876 sub=Default opID=m82ufwsg-7645279-auto-4jv4w-h5:70751502-26-01] [VpxLRO] -- ERROR task-232524 --  -- Malaysia-vSAN -- DasConfig.ConfigureCluster: :vim.fault.DasConfigFault
--> Result:
--> (vim.fault.DasConfigFault) {
-->    faultCause = (vmodl.MethodFault) null,
-->    faultMessage = (vmodl.LocalizableMessage) [
-->       (vmodl.LocalizableMessage) {
-->          key = "com.vmware.vcIntegrity.lifecycle.EsxImage.MetadataDownloadError",
-->          arg = (vmodl.KeyAnyValue) [
-->             (vmodl.KeyAnyValue) {
-->                key = "1",
-->                value = "http://VC_FQDN/vum/repository/hostupdate/__micro-depot__vendor-vmw__metadata-73__index__.xml"
-->             }
-->          ],
-->          message = <unset>
-->       },
-->       (vmodl.LocalizableMessage) {
-->          key = "com.vmware.vcIntegrity.lifecycle.ClusterApplyHATask.ApplyHAToHostFailed",
-->          arg = (vmodl.KeyAnyValue) [
-->             (vmodl.KeyAnyValue) {
-->                key = "1",
-->                value = "host-26xx4"
-->             }
-->          ],
-->          message = <unset>

  • /var/log/vmware/vmware-updatemgr/vum-server/vmware-vum-server.log

2025-07-21T07:19:59.241Z info vmware-vum-server[13682] [Originator@6876 sub=Telemetry] [TelemetryManager 261] Sending telemetry data: {"@type":"pman_error_report","taskId":"ec80c7abxxxxxxxf06-c5eb8df2ba70|520a9aaa-5fdb-xxxxxxe8-fe984a6d138b","entityId":"ec80c7ab-33d3-4f15-bf06-c5eb8df2ba70|domain-c2vv333","parentTaskId":"ec80c7ab-33d3-4f15-bf06-c5eb8df2ba70|52da01da-d3ad-4b98-3e84-43314660eba2","errorMessageId":"com.vmware.vcIntegrity.lifecycle.EsxImage.MetadataDownloadError","errorMessage":"An error occurred while downloading depot metadata from http://VC_FQDN/vum/repository/hostupdate/__micro-depot__vendor-vmw__metadata-73__index__.xml.","errorTime":"2025-07-21T07:19:59.102493Z"}
2025-07-21T07:19:59.381Z info vmware-vum-server[13682] [Originator@6876 sub=Telemetry] [TelemetryManager 261] Sending telemetry data: {"@type":"pman_error_report","taskId":"ec80c7ab-33d3-4f15-bf06-c5eb8df2ba70|52da01da-d3ad-4b98-3e84-43314660eba2","entityId":"ec80c7ab-33d3-4f15-bf06-c5eb8df2ba70|host-262973","parentTaskId":"","errorMessageId":"com.vmware.vcIntegrity.lifecycle.ClusterApplyHATask.ApplyHAToHostFailed","errorMessage":"Failed installing HA component on the host: host-262973","errorTime":"2025-07-21T07:19:59.102746Z"}

 

  • Unable to ping the vCenter FQDN from the hosts
  • Unable to nslookup the vCenter FQDN
  • The DNS configuration on all the hosts and vCenter are correct
  • Port 53 is open as well

 

Environment

VMware ESXi 8.x

VMware vCenter 8.x

Cause

Incoming traffic to the DNS Client service was in disabled state on the hosts

Resolution

  • Select the Host
  • Click on Configure Tab -> Click on Firewall
  • Click on Incoming -> EDIT 
  • Look for "DNS Client" in Quick filter 
  • To enable it -> Check the box 
  • Click on OK

 

Powered by Wolken Software