Troubleshooting Virtual Machine Remote Console (VMRC) connectivity issues in VMware Cloud Director
Article ID: 320548
Updated On: 05-01-2025
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- The Virtual Machine Remote Console (VMRC) appears in a disconnected state when opened.
- The VMRC always shows as connected but never shows a working window.
- The VMRC shows as connecting and then it is disconnected when opened.
Environment
VMware Cloud Director 10.x
Cause
The VMRC connectivity issue occurs due to timing, naming resolution, validation, and routing.
Resolution
These factors tend to be the reason for connectivity issues with Cloud VMRC consoles.
NTP
ESXi Hosts, vCenter Server, Cloud Cells and database servers should be able to communicate effectively.
If one of these entities has an inaccurate time setting by even a few seconds this can cause issues with a request being interpreted as being in the future, that is the destination entity has a time setting behind that of the source.
- Check the NTP Service Status of Your VMware Cloud Director Appliance
- Change the NTP Server of Your VMware Cloud Director Appliance
- Change the Timezone of Your VMware Cloud Director Appliance
DNS
Forward, reverse, full and short name look-ups respond as expected.
For more information, see Identifying issues with and setting p name resolution on ESX/ESXi Server (1003735).
It is essential that all facets of DNS are able to be resolved in the environment as SSL certificates rely on DNS resolving the IP addresses to their self-contained FQDN names for the device instances.
Public Address Configuration
Ensure to configure Public Addresses within the Cloud Director UI. To configure this setting go to System > Administration > Web Portal/API.
If this field is not populated, your client is given an Internal/Private IP of the responding Cell for which it must connect.
SSL certificates
The certificates come in two formats: Self signed or Certificate Authority (CA) signed.
If the certificate is Self signed:
- It contains a single link in the certificate chain
- A Root certificate needs to be added to the Trusted Certificates in Cloud Director. This shall be used by the browser to validate the chain when connecting.
If the certificate is CA signed:
-
- It contains multiple links in the certificate chain
- A Root and one or more Intermediate certificates need to be from a Trusted CA or to be added to the Trusted Certificates in Cloud Director.
- If any part of the chain is not present in the Trusted Stores, the chain shall not be trusted.
The Common Name (CN) value of the certificate needs to match the FQDN of Cloud Director exactly. The only time this does not apply is when Subject Alt Name is used in the certificate, where the CN is ignored. The Subject Alt Name contains the FQDN as well as other information you wish to match.
Note: When creating or requesting certificates, make the CN name unique. As this is used to validate against an FQDN, it would not make sense for two IPs in your environment to map to the same FQDN/Domain Name.
Additional Information
Note: The preceding links present in this article were correct as of May01, 2025. If you find the links are broken, please provide feedback and a Broadcom employee will update the link.
Feedback
Yes
No
Powered by
