Category: VMware

VMware technologies

Quick Tip – Auditing ESXi boot firmware type

Quick Tip – Auditing ESXi boot firmware type

I had a customer that recently reached out asking how they could easily audit their entire ESXi infrastructure to determine which hosts was still booting using the legacy BIOS firmware, which has been deprecated and will be removed in a future vSphere release, in favor of the industry standard […]

Broadcom Social Media Advocacy

Setup HTTPS for OIDC endpoint with Authentik…

Setup HTTPS for OIDC endpoint with Authentik…

If you have been following my recent adventures in playing with both Authentik and Keycloak as an OAuth/OIDC Identity Provider (IdP) for use with vCenter Server or VMware Cloud Foundation (VCF) Identity Federation, you can take it one step further and authenticate with a Yubico YubiKey or Apple […]

Broadcom Social Media Advocacy

ESXi to Syslog: Troubleshooting Connectivity Issues Like a Pro!

When troubleshooting ESXi network and Syslog server connectivity issues, knowing the right tools can save you hours of frustration. Whether it’s an unresponsive syslog server, blocked TCP/UDP ports, this guide will help you diagnose and fix common connectivity issues quickly.

Key Troubleshooting Tools for ESXi Network Connectivity

Step 1: Verify Basic Network Connectivity

Before checking anything else, confirm that the ESXi host can communicate with the syslog server at a basic network level.

Standard ICMP ping test:

ping <destination-IP>

VMkernel-specific ping (useful for vMotion, NFS, etc.):

 vmkping <destination-IP>

or specify which vmkernel should be used as ongoing interface for ping

 vmkping -I vmk0 <destination-IP>

If these fail, the issue is likely a network routing problem or an upstream firewall blocking traffic.

Step 2: Check TCP/UDP Port Connectivity (netcat)

Even if the server is reachable, the syslog port might be blocked or not listening. Netcat helps determine if a specific TCP or UDP port is reachable.

⚠️ Note: Be aware that netcat doesn’t display an error message when a connection fails—only a successful connection is reported.

Use Cases

Test TCP Port Connectivity:

nc -z <destination-ip> <destination-port>

Test UDP Port Connectivity:

nc -zu <destination-ip> <destination-port>

Step 3: Analyze ESXi Network Connections and Interface Statistics

ESXi provides tools to inspect active network connections and adapter performance.

Check active TCP/UDP connections:

esxcli network ip connection list|grep <port>

If the syslog connection isn’t listed, ESXi isn’t attempting to send logs—double-check your syslog configuration in vSphere.

Check NIC statistics for errors and dropped packets:

esxcli network nic stats get -n <vmnicX>

Persistent errors here could indicate network congestion or misconfigurations.

Final Thoughts: Diagnosing Syslog Connectivity Efficiently

Troubleshooting network issues between an ESXi host and a syslog server doesn’t have to be a headache. Using these tools, you can pinpoint the problem—whether it’s a blocked port, misconfiguration, or network adapter issue—and resolve it efficiently.

Still facing issues? Look at Broadcom KB

VPC Networking with VCF NSX » vrealize.it -…

VPC Networking with VCF NSX » vrealize.it -…

The introduction of VPCs (Virtual Private Cloud) at the network level provides a “self-service” for network, security and other network services in an isolated environment. Those responsible for the VPC can create networks and security rules (within their limits), thus relieving the burden […]

Broadcom Social Media Advocacy