I'm setting up some new VMware clusters for customers requireing some strict compliance rules. The design is one VMware management cluster with 4 client clusters (all segregated). In the management cluster I have my CommCell and Media Agent/VSA and each client cluster has a VSA/Proxy. All my credentials check out fine and I can run a base backup without issue (which backs up all VMs). The problem is when I go into the subclient and try to select specific VMs under content I get the following error:
Browse failed for: "client vCenter server". Reason: Unknown error occured. Please check logs for details.
It won't even open the window to look at the vCenter tree. This works fine in the Management vCenter cluster, but all the client clusters exhibit this behavior.
I'm guessing this is due to the restrictions put on vCenter to lock everything down for compliance, but I don't know where in vCenter to look for this. I'm also not sure which logs in Commvault this error would reside in. I tried the main error logs (CVD, adminconsole) and there is nothing in there on this error.
Anyone have any idea on where to look or what might be locked down in vCenter? FWIW VROPs (vRealize Operations Manager) was used to lock down vCenter.
Also, I'm not 100% sure of the network path taken when browsing vCenter data from the CommCell. If a VSA/Proxy is defined for that vCenter does the browse data go through the proxy or does the CommCell talk straight to vCenter? There is some funky networking going on to keep the client environments separated so I'm not sure if that is in play or not. The VSA's in each client environment have two NICs, one for management (same network as vCenter) and one for data traffic (no gateway, static route to a NSX gateway that communicates between the client cluster and management cluster). Communication seems to be configured correctly since the backups work, but I'm not sure if maybe different ports are used when browsing vCenter data.