Hi Gortee!
Thanks for replying - sorry it's taken me so long to get back to you, we've actually been in the DC setting this stuff up.
So one annoying issue I'm having is I can't connect to the vCenter Appliance from anywhere but the management network (VLAN 1). As a result, the only items that can use the web client have to be on the same network segment. Basically, the management IP can only be reached/accessed from the management segment, and the server IP can only be reached by others in the server segment, even though both are routable and other physical machines on these segments are not having these issues. Here are my steps so far and what I'm experiencing:
1. I installed all the hosts, configured their management networks and verified everything can talk to each other (vmk0)
2. I deployed the vCenter appliance on host1 and configured a static address via the CLI (/opt/vmware/share/vami/vami_config_net)
3. After being able to access the management page, I made sure all time settings were good with all hosts/vca, and ran through default install (no issues)
4. All servers and VCA can ping/vmkping each other, and a cluster was created and I configured the rest of the PGs, successfully testing vMotion and such.
5. I then added a second NIC to the VCA, attached it to the Server Networks PortGroup (VDS), and IP'd it following this article: Musings on Information Technology - A view from the trenches: Setting up vCenter Server Appliance (vCSA) - Using multipl… which also worked (able to ping others on the server network).
I haven't moved the Management vmk0/adapters to the VDS yet; the vswitch0 that was set up by default still has the Management vmkernel (vmk0) and the "VM Network" portgroup with the vCenter server running there (again, on the Management VLAN).
For whatever reason, I cannot access anything on the vCenter Appliance from anywhere but the management network. This makes managing via the web or vsphere client impossible unless I'm on that network segment. I also cannot ping it by its Server Network address, unless I'm in that particular Server VLAN network segment, so very similar to the Management side of things. Both are routable and we basically have a set of any-any rules in place while we build.
I'm able to access all the ESXi hosts via ports 80/443, and I can connect to each of them from vsphere clients outside of the Management VLAN/they respond to pings. The VCA is literally 1 IP from the last ESXi host, in the same subnet, and I cannot reach it from anywhere else. Could anyone help with this?