[SOLVED] Problem connecting Proxmox 9.1 to the storage ESXi for migrate VM's from ESXI

V

Vladyslav

Active Member
Jul 16, 2019
2
1
43
29
Hello, I'm having trouble connecting an ESXi storage device to Proxmox 9.1.

create storage failed: [Errno 104] Connection reset by peer (500)

A separate user was specifically created in the ESXi system and granted the following permissions:
System.read
Datastore.Browse
Datastore.FileManagement
VirtualMachine.Config.QueryUnownedFiles
VMGlobal.Diagnostics
Sessions.ValidateSession

Network access from Proxmox servers to ESXi via port 443 is open
It is not possible to create another user; only user permissions can be edited. The root user must not be used. Is there a list of permissions for the ESXi user in the documentation? I have not found such information
 
Last edited:
Hi @Vladyslav ,
There is no documentation, as far as I am aware, that can guide you to use a non-root account. That said, you can use a tool (for example "govc") that uses the same network/API path as PVE and troubleshoot the connectivity easier than trying to bring up the ESXi storage in PVE.

The "reset by peer" is somewhat suspect as it points more to the TCP layer rather than Application/permission layer. It seems like DNS is likely OK given you get initial connectivity, so I would check MTU.

If possible, I would also check the ESXi logs - a permission error could be found there. Getting a network trace on PVE side could also show whether the connection is getting established to allow permissions to pass-through, or if it gets cut at handshake.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
bbgeek17 said:
Hi @Vladyslav ,
There is no documentation, as far as I am aware, that can guide you to use a non-root account. That said, you can use a tool (for example "govc") that uses the same network/API path as PVE and troubleshoot the connectivity easier than trying to bring up the ESXi storage in PVE.

The "reset by peer" is somewhat suspect as it points more to the TCP layer rather than Application/permission layer. It seems like DNS is likely OK given you get initial connectivity, so I would check MTU.

If possible, I would also check the ESXi logs - a permission error could be found there. Getting a network trace on PVE side could also show whether the connection is getting established to allow permissions to pass-through, or if it gets cut at handshake.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
Click to expand...
The problem was on the firewall side; HTTPS traffic between the servers was blocked.
 
  • Like
Reactions: Johannes S
Vladyslav said:
The problem was on the firewall side; HTTPS traffic between the servers was blocked.
Click to expand...
Thank you for coming back and sharing your findings - they will assist others who run into similar situation.
You can mark the thread as Solved by editing the first post and selecting the appropriate subject prefix. This assist with keeping the forum tidy.
Cheers

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox
 
  • Like
Reactions: Johannes S
You must log in or register to reply here.
Top Bottom
Back