vSAN HCL Database Partnerweb Port Requirements

| 1 minute
VMware vSphere vSAN Network

**TL;DR - the vSAN HCL Database update from vCenter requires port 80 outbound to http://partnerweb.vmware.com/service/vsan/all.json.**

A little while ago, a customer of mine, in a restricted environment, was having issues getting the vSAN HCL Database updated in vCenter.

Following https://kb.vmware.com/s/article/2109870 didn’t address the issue, but allowed them to update the DB manually.

Outbound HTTPS traffic to partnerweb.vmware.com was whitelisted on the proxy, and 443 allowed on the firewall. Testing DNS and ports using curl showed that everything should be working, but we still couldn’t update the HCL DB. However, we weren’t sure if the originating request from vCenter was HTTP or HTTPS. I guess the assumption was HTTPS.

After speaking to their amazing VMware TAM (that’s me) I was able to take a far deeper look into the vSAN HCL Database utility. It turns out the requests to http://partnerweb.vmware.com/service/vsan/all.json were initiated over HTTP, not HTTPS.

Allowing port 80 on the firewall allowed the traffic, and they were off.

Share this on:
About Stellios Williams
Technical Account Manager VMware
This is my personal tech related blog for anything private and public cloud - including homelabs! My postings are my own and don’t necessarily represent VMware’s positions, strategies or opinions. Any technical guidance or advice is given without warranty or consideration for your unique issues or circumstances.
comments powered by Disqus