1 of 1 people found this helpful
What version of ESXi hosts do you have? Basically the ESXi host itself will need to be able to get out to the VMware update site to download metadata.
For ESXi 5.1 this would be the full URL for the file it tries to download:
Sorry to resurrect this old thread, and I know this isn't a Shavlik problem, more of a VMware issue...
Why oh why should I have to allow ALL my ESXi hosts to reach that URL?
This is both bizarre and insecure!
Q. Can we not have our Shavlik console gather the metadata and deliver this to the hosts to check, as with Windows scanning?
Q. Am I right to assume the Shavlik console IS downloading and delivering patches to the hosts, and the hosts are NOT individually downloading them direct from VMware???
NO! So I've just patched a host using Shavlik Protect, and the host itself is reaching out to 184.108.40.206
ESX scanning and patching is different from managing server/workstation clients.
The ESX hosts do ALL of the work. They scan themselves, download updates and install the updates to themselves. Shavlik Protect simply uses VMware API calls to start the processes and report back on the current status of the scan, deployment etc.