Web interface not working on additional vmkernel on different subnet

[Kev]

I have multiple IP addresses on my host so I have two different firewalls running virtually to play with and as a backup, i'd like the other firewall/subnet to also be able to access the ESXI interface directly and not through a tunnel back to the primary firewall.

I created a new TCP/IP stack, added a vmkernel with a different VLAN and got that VLAN's ip address through the second firewall. I assigned management to this vmkernel but I am still unable to access its web interface. I can ping the ESXi interface on this secondary subnet of course.

What am I missing?

 

[pricklypunter]

Sounds like a port issue to me, have a look here

 

[Kev]

Well, the default firewall rules in ESXI says:
vSphere Web Access, Incoming port 80, TCP, Allowed IP Address: All connections from all IP addresses

Update: I even tried esxcli network firewall set --enabled false and I still can't load the web interface.

 

[Rand__]

80 gets redirected to 443 nowadays, so make sure that one is reachable too

 

[vangoose]

You created a new tcp stack?
Each tcp stack has its own routing table.

 

[Kev]

Right. I disabled the firewall completely.

Yes, you have to create a new tcpip stack or the routing does not properly populate the new subnet gateway and even though it picks up an IP address, it is not reachable due to the routing table always defaulting to the first vmkernel gateway.