Hello ,
I have my vCentre and VUM are on seprate VMs but same host. my issue is when I attached the based line from Update Manager run scan against my host it failed, description of error is Could not scan xxx.xxx.xxx.xxx for patches and thats it.
i Have vCentre 4.1 and hosts are ESXi 4.1 U1. communication between vCentre and VUM no issue. revelent port are open such 9087, 8084
one thing i am not surewhy i was not able to telnet www.vmware .com 80 even though port is open from Firewall perspective, however xml.shavlik.com wiht 443 works fine on VUM as well as vCentre.
i also found some nice VMware article and it fit to my scenario aswell see below
- When Update Manager and vCenter Server are installed on two different machines:
- Update Manager has a reverse proxy listening on ports 80 and 443 if the default is not changed during the installation.
- vCenter Server connects to Update Manager through port 443. The reverse proxy forwards the request to 8084.
- ESX/ESXi host connects to Update Manager through port 80. The reverse proxy forwards the request to 9084.
To obtain metadata, Update Manager must be able to connect to http://www.vmware.com/ and http://www.shavlik.com , and requires outbound ports 80 and 443.
For binary data, the outbound ports are 80 and 443.
For ESX/ESXi host scanning and remediation, Update Manager requires that port 80 be open on the ESX host.
For Update Manager to push patches to ESX/ESXi host, port 902 is required.
but i am still open for discussion and any help greatly appreciate
Thanks