Hello vComunnity,
The other day I came across this interesting situation,
Running a vSAn skyline health was showing everything green but running it inside the nodes (localcli vsan health cluster get) says that is red:
In order to obtain more information about it you could run the following command and see which hosts this host cannot connect with:
esxcli vsan health cluster get -t “Hosts with connectivity issues”
My preferred way is to validate the issue is to check the /var/run/log/vsanmgmt.log, look for SSL error like this:
error vsand[10450841] [opID=0d02566e VsanVimHelpers::GetVsanVersionNamespace] Failed to test vsan vmodl version with error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:728) on 159.70.xxx.xxx
Time to fix this, Just go to VC -> (host) -> Configure -> System -> Certificate
Hit renew (wait for it to complete) then hit refresh (do this on each host you identified with SSL issues)
Now the command’s output comes without network issues:
Network green Hosts with connectivity issues green vSAN cluster partition green All hosts have a vSAN vmknic configured green vSAN: Basic (unicast) connectivity check green vSAN: MTU check (ping with large packet size) green vMotion: Basic (unicast) connectivity check green vMotion: MTU check (ping with large packet size) green Network latency check green
Hope this was a cool post for you guys to know,
Do now hesitate in contacting me if you have any comments,
Jorluis
![[Updated] VCSA/PSC vDS network recovery. – VxRail](https://www.jortechnologies.com/wp-content/themes/Extra/images/post-format-thumb-text.svg)
