When attempting an Advanced Cross vCenter vMotion (XVM) between two vCenter Server instances, the migration fails to initialize or times out. Diagnostic tests using curl or nc from the source vCenter to the destination vCenter IP on port 443 result in a "Connection timed out" error.

Symptoms:

• Migration task hangs at "Validating" or fails with "Could not establish VM migration between vCenters."

• vpxa.log or vmware.log contains "Connection timed out" or "Cannot connect to host" entries.

• Captured network traces show TCP SYN packets leaving the source but no SYN-ACK returning from the destination.

The issue is caused by Asymmetric Routing or a Missing Reverse Route in the physical network infrastructure. While the source subnet can route packets to the destination, the destination's gateway lacks a routing table entry to send the return traffic (the "route back") to the source subnet, causing the TCP handshake to fail.

1. Identify Subnets: Identify the IP subnets for the Source vCenter, Destination vCenter, and all ESXi vMotion VMkernel interfaces.

2. Verify Bidirectional Path: Perform a traceroute from the destination vCenter back to the source vCenter IP. If the trace fails at the first or second hop, a route is missing in the local gateway.

3. Update Physical Infrastructure: Work with the network administration team to ensure that all Layer 3 devices (routers/firewalls) between the sites have explicit routes for both directions of traffic.

4. Configure VMkernel Gateway: If a dedicated vMotion TCP/IP stack is used on the ESXi hosts, verify the default gateway for that stack:

   • Run: esxcli network ip route ipv4 list

   • If missing, add it: esxcli network ip route ipv4 add -g <Gateway_IP> -n <Remote_Subnet>

5. Final Validation: Confirm the fix by running nc -zv <Target_IP> 443 from the vCenter appliance shell. A "Succeeded" message confirms the reverse path is functional.

• Broadcom KB 318636: Troubleshooting vMotion network-related errors

• Broadcom KB 373947: Cross vCenter VM migration fails with "Cannot connect to host"