« Torna alla lista delle News

28
giu
2012

Porte TCP UDP usate dal VSphere Client, vCenter Server, host ESX e software VmWare


vCenter Server, host ESX, e altri programmi VmWare sono accessibili utilizzando predeterminati porte TCP e UDP.
Se si gestiscono questi software all'esterno dell'azienda e quindi dietro un firewall, potrebbe essere necessario riconfigurare il firewall per consentire l'accesso alle porte appropriate.

Questo articolo fornisce informazioni sulle porte necessarie per i prodotti VMware.

Le porte usate dal VI / vSphere client sono menzionate alla fine di questa tabella in una sezione a parte:

Product

Port

Protocol

Source

Target

Purpose

AppSpeed

80

TCP

AppSpeed Server

vCenter Server 4

vCenter proxy interface. Used only during setup to verify the proxy is setup correctly. Port 80 is the default Web Service Port, but a different TCP port can be configured in vCenter Server 4.

AppSpeed

443

TCP

AppSpeed Server

vCenter Server 4

Default port for communications. A different TCP port can be configured in vCenter Server 4.

AppSpeed

22

TCP

AppSpeed Server

AppSpeed Probe

Connections to the probes to access the probes outside of the VPN.

AppSpeed

123

TCP

AppSpeed Server

AppSpeed Probe

NTP services

AppSpeed

1194

TCP/UDP

AppSpeed Server

AppSpeed Probe

Communications over OpenVPN

Auto Deploy Server

6501

TCP

ESXi

vCenter Server

Auto Deploy service

Auto Deploy Server

6502

TCP

ESXi

vCenter Server

Auto Deploy management

Consolidated Backup

443

TCP

VCB Proxy Server

vCenter Server

Required for VCB and vcbMounter communication and backup processes

Consolidated Backup

443

TCP

VCB Proxy Server

ESX/ESXi Host

Required for VCB and vcbMounter communication and backup processes

Converter 3.x

137

UDP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 3.x

138

UDP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 3.x

139

TCP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 3.x

443

TCP

Source Computer to be converted

ESX/ESXi Host

Required for destination VM access when target is ESX/ESXi/vCenter

Converter 3.x

443

TCP

Source Computer to be converted

vCenter Server

Required if vCenter Server is the conversion target

Converter 3.x

443

TCP

vCenter Converter Server

vCenter Server

Required if vCenter Server is the conversion target

Converter 3.x

443

TCP

vCenter Converter Server

ESX/ESXi Host

Required for system conversion

Converter 3.x

445

TCP

vCenter Converter Server

Source Computer to be converted

Required for system conversion. Not required if the source computer uses NetBIOS

Converter 3.x

902

TCP

Source Computer to be converted

ESX/ESXi Host

Required for data transport during cloning of system to be converted to target ESX/ESXi Host

Converter 4.x

22

TCP

Helper Virtual Machine

Source Computer to be converted

Required for conversion of Linux-based source computers (data flows from source to VM)

Converter 4.x

22

TCP

vCenter Converter Server

Source Computer to be converted

Required for conversion of Linux-based source computers

Converter 4.x

137

UDP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 4.x

138

UDP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 4.x

139

TCP

vCenter Converter Server

Source Computer to be converted

For hot migration. Not required if the source computer does not use NetBIOS

Converter 4.x

443

TCP

vCenter Converter Client

vCenter Converter Server

Only required if the Converter Client and Converter Server were installed on different systems

Converter 4.x

443

TCP

Source Computer to be converted

ESX/ESXi Host

Required for destination VM access when target is ESX/ESXi/vCenter

Converter 4.x

443

TCP

Source Computer to be converted

vCenter Server

Required if vCenter Server is the conversion target

Converter 4.x

443

TCP

vCenter Converter Server

vCenter Server

Required if vCenter Server is the conversion target

Converter 4.x

443

TCP

vCenter Converter Server

ESX/ESXi Host

Required for system conversion

Converter 4.x

443

TCP

vCenter Converter Server

Helper Virtual Machine

Required for conversion of Linux-based source computers

Converter 4.x

445

TCP

vCenter Converter Server

Source Computer to be converted

Required for system conversion. Not required if the source computer uses NetBIOS

Converter 4.x

902

TCP

Source Computer to be converted

ESX/ESXi Host

Required for data transport during cloning of system to be converted to target ESX/ESXi Host

Converter 4.x

9089, 9090

TCP

vCenter Converter Server

Source Computer to be converted

Required for system conversion. Remote agent deployment

Converter 5.x

22

TCP

Converter Standalone server

powered-on source machine

Used to establish an SSH connection between the Converter Standalone server and the source Linux machine

Converter 5.x

137

UDP

Converter Standalone server

powered-on source machine

For hot migration. Not required if the source computer does not use NetBIOS

Converter 5.x

138

UDP

Converter Standalone server

powered-on source machine

For hot migration. Not required if the source computer does not use NetBIOS

Converter 5.x

139

TCP

Converter Standalone server

powered-on source machine

For hot migration. Not required if the source computer does not use NetBIOS

Converter 5.x

443

TCP

Converter Standalone server

vCenter Server

Required only if theconversion destination is a vCenter Server

Converter 5.x

443

TCP

Converter Standalone client

Converter Standalone server

Required only if the Converter Standalone server and Linux client components are on different machines

Converter 5.x

443

TCP

Converter Standalone client

vCenter server

Required only if the Converter Standalone server and client components are on different machines

Converter 5.x

22

TCP

Powered-on Source Linux machine

ESX/ESXi Host

Uses secure connection port 22 to Host

Converter 5.x

443, 902

TCP

Powered-on Source Windows machine

ESX/ESXi Host

Required for data transfer to destination ESX/ESXi host

Converter 5.x

445

TCP

Converter Standalone server

powered-on source machine

Required for system conversion. Not required if the source computer uses NetBIOS

Converter 5.x

9089

TCP

Converter Standalone server

powered-on source machine

Required for system conversion. Remote agent deployment

Data Recovery

443

TCP

Data Recovery Appliance

vCenter Server

VDR to vCenter Server communications

Data Recovery

902

TCP

Data Recovery Appliance

ESX Host

VDR to ESX communications

Data Recovery

22024

TCP

Data Recovery vSphere Client Plug-in

Data Recovery Appliance

Data Recovery management

ESX 3.x

21

TCP

FTP Client

ESX Host

FTP

ESX 3.x

21

TCP

ESX Host

FTP Server

FTP

ESX 3.x

22

TCP

SSH Client

ESX Host

SSH

ESX 3.x

22

TCP

ESX Host

SSH Server

SSH

ESX 3.x

53

UDP

ESX/ESXi Host

DNS Server

DNS

ESX 3.x

80

TCP

Client PC

ESX/ESXi Host

Redirect Web Browser to HTTPS Service (443)

ESX 3.x

88

TCP

ESX Host

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESX 3.x

111

UDP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESX 3.x

111

TCP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESX 3.x

123

UDP

ESX/ESXi Host

NTP Time Server

NTP Client

ESX 3.x

137 to 139

TCP

ESX Host

SMB Server

SMB

ESX 3.x

161

UDP

SNMP Server

ESX Host

SNMP Polling

ESX 3.x

162

UDP

ESX Host

SNMP Collector

SNMP Trap Send

ESX 3.x

389

TCP/UDP

ESX Host

LDAP Server

PAM Active Directory Authentication – LDAP

ESX 3.x

427

UDP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESX 3.x

427

TCP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESX 3.x

443

TCP

Client PC

ESX Host

Host VI Management via web browser

ESX 3.x

443

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi Host management connection

ESX 3.x

443

TCP

ESX/ESXi Host

ESX/ESXi Host

Host to host VM migration and provisioning

ESX 3.x

445

TCP

ESX Host

SMB Server

SMB

ESX 3.x

445

TCP

ESX Host

MS Directory Services Server

PAM Active Directory Authentication

ESX 3.x

445

UDP

ESX Host

MS Directory Services Server

PAM Active Directory Authentication

ESX 3.x

464

TCP

ESX Host

Active Directory Server

PAM Active Directory Authentication – Kerberos Password Services

ESX 3.x

514

UDP

ESX/ESXi Host

Syslog Server

Remote syslog logging

ESX 3.x

902

TCP

VI /vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi hosted VM connectivity (MKS)

ESX 3.x

902

TCP/UDP

ESX/ESXi Host

ESX/ESXi Host

Authentication, Provisioning, VM Migration

ESX 3.x

902

TCP/UDP

ESX/ESXi Host

Virtual Center 3.x/ vCenter Server 4.x

Heartbeat

ESX 3.x

903

TCP

VI / vSphere Client

ESX/ESXi Host

VM Remote Console

ESX 3.x

2049

UDP

ESX/ESXi Host

NFS Server

NFS Client

ESX 3.x

2049

TCP

ESX/ESXi Host

NFS Server

NFS Client

ESX 3.x

2050 to 2250

UDP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESX 3.x

3260

TCP

ESX/ESXi Host

iSCSI SAN

Software iSCSI Client and Hardware iSCSI HBA

ESX 3.x

5988

TCP

ESX/ESXi Host

ESX/ESXi Host

CIM Client to CIM Secure Server

ESX 3.x

5989

TCP

ESX/ESXi Host

VirtualCenter/vCenter Server

CIM Secure Server to CIM Client

ESX 3.x

5989

TCP

VirtualCenter/vCenter Server

ESX/ESXi Host

CIM Client to CIM Secure Server

ESX 3.x

8000

TCP

ESX/ESXi Host (VM Target)

ESX/ESXi Host (VM Source)

VMotion Communication on VMKernel Interface

ESX 3.x

8000

TCP

ESX/ESXi Host (VM Source)

ESX/ESXi Host (VM Target)

VMotion Communication on VMKernel Interface

ESX 3.x

8042 to 8045

TCP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESX 3.x

27000

TCP

ESX/ESXi Host

VMware License Server

ESX/ESXi 3.x Host to License Server communication

ESX 3.x

27010

TCP

ESX/ESXi Host

VMware License Server

ESX/ESXi 3.x Host to License Server communication

ESX 4.x

21

TCP

FTP Client

ESX Host

FTP

ESX 4.x

21

TCP

ESX Host

FTP Server

FTP

ESX 4.x

22

TCP

ESX Host

SSH Server

SSH

ESX 4.x

22

TCP

SSH Client

ESX Host

SSH

ESX 4.x

53

UDP

ESX/ESXi Host

DNS Server

DNS

ESX 4.x

80

TCP

Client PC

ESX/ESXi Host

Redirect Web Browser to HTTPS Service (443)

ESX 4.x

88

TCP

ESX Host

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESX 4.x

111

UDP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESX 4.x

111

TCP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESX 4.x

123

UDP

ESX/ESXi Host

NTP Time Server

NTP Client

ESX 4.x

137 to 139

TCP

ESX Host

SMB Server

SMB

ESX 4.x

161

UDP

SNMP Server

ESX Host

SNMP Polling

ESX 4.x

162

UDP

ESX Host

SNMP Collector

SNMP Trap Send

ESX 4.x

389

TCP/UDP

ESX Host

LDAP Server

PAM Active Directory Authentication – LDAP

ESX 4.x

427

UDP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESX 4.x

427

TCP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESX 4.x

443

TCP

ESX/ESXi Host

ESX/ESXi Host

Host to Host VM migration and provisioning

ESX 4.x

443

TCP

Client PC

ESX Host

Host VI Management via web browser

ESX 4.x

443

TCP

vSphere Client

ESX/ESXi Host

vSphere Client to ESX/ESXi Host management connection

ESX 4.x

445

UDP

ESX Host

MS Directory Services Server

PAM Active Directory Authentication

ESX 4.x

445

TCP

ESX Host

MS Directory Services Server

PAM Active Directory Authentication

ESX 4.x

445

TCP

ESX Host

SMB Server

SMB

ESX 4.x

464

TCP

ESX Host

Active Directory Server

PAM Active Directory Authentication – Kerberos Password Services

ESX 4.x

514

UDP

ESX/ESXi Host

Syslog Server

Remote syslog logging

ESX 4.x

902

TCP

vSphere Client

ESX/ESXi Host

vSphere Client to ESX/ESXi hosted VM connectivity (MKS)

ESX 4.x

902

TCP/UDP

ESX/ESXi Host

ESX/ESXi Host

Authentication, Provisioning, VM Migration

ESX 4.x

902

TCP/UDP

ESX/ESXi Host

vCenter Server 4.x

Heartbeat

ESX 4.x

903

TCP

VI / vSphere Client

ESX/ESXi Host

VM Remote Console (MKS)

ESX 4.x

1024 (dynamic)

TCP/UDP

ESX Host

Active Directory Server

Bi-directional communication on TCP/UDP ports is required between the ESX host and the Active Directory Domain Controller (via the netlogond process on the ESX host). See Active Directory and Active Directory Domain Services Port Requirements and MS article 179442.

ESX 4.x

2049

UDP

ESX/ESXi Host

NFS Server

NFS Client

ESX 4.x

2049

TCP

ESX/ESXi Host

NFS Server

NFS Client

ESX 4.x

2050 to 2250

UDP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESX 4.x

3260

TCP

ESX/ESXi Host

iSCSI SAN

Software iSCSI Client and Hardware iSCSI HBA

ESX 4.x

5900 to 5964

TCP

ESX/ESXi Host

ESX/ESXi Host

RFB Protocol used by management toolssuch as VNC

ESX 4.x

5988

TCP

ESX/ESXi Host

ESX/ESXi Host

CIM Client to CIM Secure Server

ESX 4.x

5989

TCP

VirtualCenter/vCenter

ESX/ESXi Host

CIM Client to CIM Secure Server

ESX 4.x

5989

TCP

ESX/ESXi Host

VirtualCenter/vCenter

CIM Secure Server to CIM Client

ESX 4.x

8000

TCP

ESX/ESXi Host (VM Target)

ESX/ESXi Host (VM Source)

VMotion Communication on VMKernel Interface

ESX 4.x

8000

TCP

ESX/ESXi Host (VM Source)

ESX/ESXi Host (VM Target)

VMotion Communication on VMKernel Interface

ESX 4.x

8042 to 8045

TCP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESX 4.x

47

UDP

ESX/ESXi Host

Physical Switches

vDS (Virtual Distributed Switch) Broadcast

ESX 4.x

8100

TCP/UDP

ESX/ESXi 4 Host

ESX/ESXi 4.x Host

VMware Fault Tolerance. ESX/ESXi 4 only.

ESX 4.x

8200

TCP/UDP

ESX/ESXi 4 Host

ESX/ESXi 4.x Host

VMware Fault Tolerance. ESX/ESXi 4 only.

ESX 4.x

8301

UDP

ESX/ESXi 4.x Host

ESX/ESXi 4.x

DVS Port Information

ESX 4.x

8302

UDP

ESX/ESXi 4.x Host

ESX/ESXi 4.x Host

DVS Port Information

ESXi 3.x

53

UDP

ESX/ESXi Host

DNS Server

DNS

ESXi 3.x

80

TCP

Client PC

ESX/ESXi Host

Redirect Web Browser to HTTPS Service (443)

ESXi 3.x

111

TCP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 3.x

111

UDP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 3.x

123

UDP

ESX/ESXi Host

NTP Time Server

NTP Client

ESXi 3.x

162

UDP

ESX Host

SNMP Collector

SNMP Trap Send

ESXi 3.x

427

UDP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESXi 3.x

427

TCP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESXi 3.x

443

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi Host management connection

ESXi 3.x

443

TCP

ESX/ESXi Host

ESX/ESXi Host

Host to host VM migration and provisioning

ESXi 3.x

514

UDP

ESX/ESXi Host

Syslog Server

Remote syslog logging

ESXi 3.x

902

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi hosted VM connectivity (MKS/Remote Console)

ESXi 3.x

902

TCP/UDP

ESX/ESXi Host

ESX/ESXi Host

Authentication, Provisioning, VM Migration

ESXi 3.x

902

TCP/UDP

ESX/ESXi Host

Virtual Center 3.x/ vCenter Server 4.x

Heartbeat

ESXi 3.x

903

TCP

VI / vSphere Client

ESX/ESXi Host

VM Remote VM Console (MKS)

ESXi 3.x

2049

TCP

ESX/ESXi Host

NFS Server

NFS Client

ESXi 3.x

2049

UDP

ESX/ESXi Host

NFS Server

NFS Client

ESXi 3.x

2050 to 2250

UDP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESXi 3.x

3260

TCP

ESX/ESXi Host

iSCSI SAN

Software iSCSI Client and Hardware iSCSI HBA

ESXi 3.x

5988

TCP

ESX/ESXi Host

ESX/ESXi Host

CIM Client to CIM Secure Server

ESXi 3.x

5989

TCP

VirtualCenter/vCenter

ESX/ESXi Host

CIM Client to CIM Secure Server

ESXi 3.x

5989

TCP

ESX/ESXi Host

VirtualCenter/vCenter

CIM Secure Server to CIM Client

ESXi 3.x

8000

TCP

ESX/ESXi Host (VM Target)

ESX/ESXi Host (VM Source)

VMotion Communication on VMKernel Interface

ESXi 3.x

8000

TCP

ESX/ESXi Host (VM Source)

ESX/ESXi Host (VM Target)

VMotion Communication on VMKernel Interface

ESXi 3.x

8042 to 8045

TCP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESXi 3.x

27000

TCP

ESX/ESXi Host

VMware License Server

ESX/ESXi 3.x Host to License Server communication

ESXi 3.x

27010

TCP

ESX/ESXi Host

VMware License Server

ESX/ESXi 3.x Host to License Server communication

ESXi 4.x

53

UDP

ESX/ESXi Host

DNS Server

DNS

ESXi 4.x

80

TCP

Client PC

ESX/ESXi Host

Redirect Web Browser to HTTPS Service (443)

ESXi 4.x

88

TCP

ESXi host

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESXi 4.x

111

TCP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 4.x

111

UDP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 4.x

123

UDP

ESX/ESXi Host

NTP Time Server

NTP Client

ESXi 4.x

161

UDP

SNMP Server

ESXi 4.x Host

SNMP Polling. Not used in ESXi 3.x

ESXi 4.x

162

UDP

ESXi Host

SNMP Collector

SNMP Trap Send

ESXi 4.x

389

TCP/UDP

ESXi host

LDAP Server

PAM Active Directory Authentication - Kerberos

ESXi 4.x

427

UDP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESXi 4.x

427

TCP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESXi 4.x

443

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi Host management connection

ESXi 4.x

443

TCP

ESX/ESXi Host

ESX/ESXi Host

Host to host VM migration and provisioning

ESXi 4.x

445

UDP

ESXi host

MS Directory Services Server

PAM Active Directory Authentication

ESXi 4.x

445

TCP

ESXi host

MS Directory Services Server

PAM Active Directory Authentication

ESXi 4.x

445

TCP

ESXi host

SMB Server

SMB Server

ESXi 4.x

464

TCP

ESXi host

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESXi 4.x

514

UDP

ESX/ESXi Host

Syslog Server

Remote syslog logging

ESXi 4.x

902

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi hosted VM connectivity (MKS/Remote Console)

ESXi 4.x

902

TCP/UDP

ESX/ESXi Host

ESX/ESXi Host

Authentication, Provisioning, VM Migration

ESXi 4.x

902

TCP/UDP

ESX/ESXi Host

vCenter 4 Server

Heartbeat

ESXi 4.x

902

TCP

VI / vSphere Client

ESX/ESXi Host

VM Remote VM Console (MKS)

ESXi 4.x

1024 (dynamic)

TCP/UDP

ESXi Host

Active Directory Server

Bi-directional communication on TCP/UDP ports is required between the ESXi host and the Active Directory Domain Controller (via the netlogond process on the ESXi host). See Active Directory and Active Directory Domain Services Port Requirements and MS article 179442.

ESXi 4.x

2049

TCP

ESX/ESXi Host

NFS Server

NFS Client

ESXi 4.x

2049

UDP

ESX/ESXi Host

NFS Server

NFS Client

ESXi 4.x

2050 to 2250

UDP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESXi 4.x

3260

TCP

ESX/ESXi Host

iSCSI SAN

Software iSCSI Client and Hardware iSCSI HBA

ESXi 4.x

5900to 5964

TCP

ESX/ESXi Host

ESX/ESXi Host

RFB Protocol used by management toolssuch as VNC

ESXi 4.x

5988

TCP

ESX/ESXi Host

ESX/ESXi Host

CIM Client to CIM Secure Server

ESXi 4.x

5989

TCP

VirtualCenter/vCenter

ESX/ESXi Host

CIM Client to CIM Secure Server

ESXi 4.x

5989

TCP

ESX/ESXi Host

VirtualCenter/vCenter

CIM Secure Server to CIM Client

ESXi 4.x

8000

TCP

ESX/ESXi Host (VM Target)

ESX/ESXi Host (VM Source)

VMotion Communication on VMkernel Interface

ESXi 4.x

8000

TCP

ESX/ESXi Host (VM Source)

ESX/ESXi Host (VM Target)

VMotion Communication on VMkernel Interface

ESXi 4.x

47

UDP

ESX/ESXi Host

Physical Switches

vDS (Virtual Distributed Switch) Broadcast

ESXi 4.x

8042 to 8045

TCP

ESX/ESXi Host

ESX/ESXi Host

VMware HA

ESXi 4.x

8100

TCP/UDP

ESX/ESXi 4 Host

ESX/ESXi 4.x Host

VMware Fault Tolerance. ESX/ESXi 4 only.

ESXi 4.x

8200

TCP/UDP

ESX/ESXi 4 Host

ESX/ESXi 4.x Host

VMware Fault Tolerance. ESX/ESXi 4 only.

ESXi 4.x

8301

UDP

ESX/ESXi 4.x Host

ESX/ESXi 4.x Host

DVS Port Information

ESXi 4.x

8302

UDP

ESX/ESXi 4.x Host

ESX/ESXi 4.x Host

DVS Port Information

ESXi 5.x

22

TCP

Client PC

ESXi 5.x

SSH Server

ESXi 5.x

53

UDP

ESXi 5.x

DNS Server

DNS Client

ESXi 5.x

68

UDP

ESXi 5.x

DHCP Server

DHCP Client

ESXi 5.x

80

TCP

Client PC

ESXi 5.x

Redirect Web Browser to HTTPS Service (443)

ESXi 5.x

88

TCP

ESXi host

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESXi 5.x

111

TCP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 5.x

111

UDP

ESX/ESXi Host

NFS Server

NFS Client – RPC Portmapper

ESXi 5.x

123

UDP

ESX/ESXi Host

NTP Time Server

NTP Client

ESXi 5.x

161

UDP

SNMP Server

ESXi 4.x Host

SNMP Polling. Not used in ESXi 3.x

ESXi 5.x

162

UDP

ESXi Host

SNMP Collector

SNMP Trap Send

ESXi 5.x

389

TCP/UDP

ESXi host

LDAP Server

PAM Active Directory Authentication - Kerberos

ESXi 5.x

427

UDP

VI / vSphere Client

ESX/ESXi Host

CIM Service Location Protocol (SLP)

ESXi 5.x

443

TCP

VI / vSphere Client

ESX/ESXi Host

VI / vSphere Client to ESX/ESXi Host management connection

ESXi 5.x

443

TCP

ESX/ESXi Host

ESX/ESXi Host

Host to host VM migration and provisioning

ESXi 5.x

445

UDP

ESXi host

MS Directory Services Server

PAM Active Directory Authentication

ESXi 5.x

445

TCP

ESXi host

MS Directory Services Server

PAM Active Directory Authentication

ESXi 5.x

445

TCP

ESXi host

SMB Server

SMB Server

ESXi 5.x

464

TCP

ESXi hostSee .

Active Directory Server

PAM Active Directory Authentication - Kerberos

ESXi 5.x

514

UDP/TCP

ESXi 5.x

Syslog Server

Remote syslog logging

ESXi 5.x

902

TCP/UDP

ESXi 5.x

ESXi 5.x

Host access to other hosts for migration and provisioning

ESXi 5.x

902

TCP

vSphere Client

ESXi 5.x

vSphere Client access to virtual machine consoles (MKS)

ESXi 5.x

902

TCP/UDP

ESXi 5.x

vCenter Server

(UDP) Status update (heartbeat) connection from E SXi to vCenter Server

ESXi 5.x

1024 (dynamic)

TCP/UDP

ESXi Host

Active Directory Server

Bi-directional communication on TCP/UDP ports is required between the ESXi host and the Active Directory Domain Controller (via the netlogond process on the ESXi host). See Active Directory and Active Directory Domain Services Port Requirements and MS article 179442.

ESXi 5.x

2049

TCP

ESXi 5.x

NFS Server

Transactions from NFS storage devices

ESXi 5.x

2049

UDP

ESXi 5.x

NFS Server

Transactions from NFS storage devices

ESXi 5.x

3260

TCP

ESXi 5.x

iSCSI storage server

Transactions to iSCSI storage devices

ESXi 5.x

5900 to 5964

TCP

ESXi 5.x

ESXi 5.x

RFB protocol, which is used by management tools such as VNC

ESXi 5.x

5988

TCP

CIM Server

ESXi 5.x

CIM transactions over HTTP

ESXi 5.x

5989

TCP

vCenter Server

ESXi 5.x

CIM XML transactions over HTTPS

ESXi 5.x

5989

TCP

ESXi 5.x

vCenter Server

CIM XML transactions over HTTPS

ESXi 5.x

8000

TCP

ESXi 5.x (VM Target)

ESXi 5.x (VM Source)

Requests from vMotion

ESXi 5.x

8000

TCP

ESXi 5.x (VM Source)

ESXi 5.x (VM Target)

Requests from vMotion

ESXi 5.x

8100

TCP/UDP

ESXi 5.x

ESXi 5.x

Traffic between hosts for vSphere Fault Tolerance (FT)

ESXi 5.x

8182

TCP/UDP

ESXi 5.x

ESXi 5.x

Traffic between hosts for vSphere High Availability (vSphere HA)

ESXi 5.x

8200

TCP/UDP

ESXi 5.x

ESXi 5.x

Traffic between hosts for vSphere Fault Tolerance (FT)

ESXi 5.x

8301

UDP

ESXi 5.x

ESXi 5.x

DVS Port Information

ESXi 5.x

8302

UDP

ESXi 5.x

ESXi 5.x

DVS Port Information

ESXi 5.x

31100

TCP

vCenter

SPS Server

Internal Communication Port

ESXi 5.x

31000

TCP

SPS Server

vCenter

Internal Communication Port

ESXi Dump Collector

6500

UDP

ESXi

vCenter Server

Network coredump server

ESXi Dump Collector

8000

TCP

ESXi

vCenter Server

Network coredump web port

ESXi Syslog Collector

8001

TCP

ESXi

vCenter Server

Network syslog server

Guided Consolidation

135

TCP/UDP

Consolidation Target (Physical Server)

vCenter Converter Server

Microsoft DCE Locator Service, also known at End-Point Mapper

Guided Consolidation

137

TCP/UDP

Consolidation Target (Physical Server)

vCenter Converter Server

NetBIOS names service. Firewall administrators frequently see larger numbers of incoming packets to port 137. This is because of Windows servers that use NetBIOS (as well as DNS) to resolve IP addresses to names using the gethostbyaddr() function. As users behind the firewalls visit Windows-based Web sites, those servers frequently respond with NetBIOS lookups.

Guided Consolidation

138

TCP/UDP

Consolidation Target (Physical Server)

vCenter Converter Server

NetBIOS datagram Used by Windows, as well as UNIX services (such as SAMBA). Port 138 is used primarily by the SMB browser service that obtains Network Neighborhood information.

Guided Consolidation

139

TCP/UDP

Consolidation Target (Physical Server)

vCenter Converter Server

NetBIOS Session Windows File and Printer sharing.

Guided Consolidation

445

TCP/UDP

Consolidation Target (Physical Server)

vCenter Converter Server

DNS Direct Hosting port. In Windows 2000 and Windows XP, redirector and server components now support direct hosting for communicating with other computers running Windows 2000 or Windows XP. Direct hosting does not use NetBIOS for name resolution. DNS is used for name resolution, and the Microsoft networking communication is sent directly over TCP without a NetBIOS header. Direct hosting over TCP/IP uses TCP and UDP port 445 instead of the NetBIOS session TCP port 139.

Heartbeat

52267

TCP

vCenter Server Heartbeat Console

vCenter Server Heartbeat Server

Client Connection Port

Heartbeat

57348

TCP

vCenter Server Primary Server

vCenter Server Secondary Server

Default Channel Port to communicate between Primary and Secondary server

Lab Manager

137

UDP

ESX/ESXi Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x

Lab Manager

138

UDP

ESX/ESXi Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x

Lab Manager

139

TCP

ESX/ESXi Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x

Lab Manager

389

TCP/UDP

Lab Manager Server

LDAP Server

LDAP Authentication (optional)

Lab Manager

443

TCP

Client PC

Lab Manager Server

Lab Manager Console (Web Browser)

Lab Manager

443

TCP

Lab Manager Server

vCenter Server

Lab Manager to vCenter Server Communication

Lab Manager

445

TCP

ESX/ESXi Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x

Lab Manager

514

TCP

Lab Manager Server

Virtual Router

Update IP tables and routing on the vRouter

Lab Manager

636

TCP

Lab Manager Server

LDAP Server

LDAPS Authentication (optional)

Lab Manager

1433

TCP

Lab Manager Server

Microsoft SQL Server

Lab Manager Connectivity to Microsoft SQL Server (for LM database)

Lab Manager

5212

TCP

Lab Manager Server

ESX/ESXi Host

Lab Manager Agent. ESXi requires Lab Manager 4.x

Orchestrator

25

TCP

VCO Server

SMTP Server

Email notifications

Orchestrator

389

TCP/UDP

VCO Server

LDAP Server

LDAP Authentication

Orchestrator

443

TCP

VCO Server

vCenter Server

Used to obtain virtual infrastructure and virtual machine information from orchestrated vCenter Server(s) through the vCenter API

Orchestrator

636

TCP

VCO Server

LDAP Server

VCO uses LDAP authentication and group membership to determine role authorization in LCM and access to VMs/requests. This is the SSL secured LDAP protocol LDAPS (the SSL pendent of 389). This is used for secured LDAP authentication

Orchestrator

1433

TCP

VCO Server

Microsoft SQL Server

vCenter Orchestrator Server to Microsoft SQL Server for VCO Database

Orchestrator

1521

TCP

VCO Server

Oracle Database Server

vCenter Orchestrator Server to Oracle for VCO Database

Orchestrator

3306

TCP

VCO Server

MySQL Server

vCenter Orchestrator Server to MySQL Server for VCO Database

Orchestrator

5432

TCP

VCO Server

PostgresSQL Server

vCenter Orchestrator Server to PostgresSQL Server for VCO Database

Orchestrator

8230

TCP

VCO Client

VCO Server

Lookup port – The main port to communicate with Orchestrator Configurator server (JNDI port). All other ports communicate with the Orchestrator Configurator smart client through this one. It is part of the JBoss Application server infrastructure

Orchestrator

8240

TCP

VCO Client

VCO Server

Command port – The application communication port (RMI container port), it is used for remote invocations. It is part of the JBoss Application server infrastructure.

Orchestrator

8244

TCP

VCO Client

VCO Server

Data port used to access all Orchestrator data models, such as workflows and policies. It is part of the JBoss application server infrastructure.

Orchestrator

8250

TCP

VCO Client

VCO Server

Messaging port – The Java messaging port used to dispatch events. It is part of the JBoss Application server infrastructure

Orchestrator

8280

TCP

VCO Server

VCO Server

Port used by VCO Server to connect to the Web front-end via HTTP

Orchestrator

8281

TCP

VCO Server

VCO Server

Port used by VCO Server to connect to the Web front-end via HTTPS

Orchestrator

8281

TCP

vCenter Server

VCO Server

Port used by VCO Server to connect to vCenter Server to communicate with the vCenter API

Orchestrator

8282

TCP

VCO Client PC

VCO Server

HTTP server port – Port used by the HTTP connector to connect to the Web frontend.

Orchestrator

8283

TCP

VCO Client PC

VCO Server

HTTPS server port – Port used by HTTP connector to connect to the Web frontend. Requires Jetty to be configured for SSL.

Site Recovery Manager1.x-4.x

80

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication. SRM Server at Site A to vCenter Server at Site B (failover) over HTTP and SSL tunnel

Site Recovery Manager1.x-4.x

80

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication with local vCenter Server (inventory)  vSphere Client Plug-in download

Site Recovery Manager1.x-4.x

443

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication with remote vCenter Server via HTTP over SSL tunnel

Site Recovery Manager1.x-4.x

902

TCP

Site Recovery Manager

Remote ESX/ESXi Host

Update/communicate tovirtual machine files over NFC for IP customization/RDMs

Site Recovery Manager1.x-4.x

1433

TCP

Site Recovery Manager

Microsoft SQL Server

SRM Connectivity to Microsoft SQL Server (for SRM database)

Site Recovery Manager1.x-4.x

1521

TCP

Site Recovery Manager

Oracle Database Server

SRM Connectivity to Oracle (for SRM database)

Site Recovery Manager1.x-4.x

1526

TCP

Site Recovery Manager

Oracle Database Server

SRM Connectivity to Oracle (for SRM database)

Site Recovery Manager1.x-4.x

5000

TCP

Site Recovery Manager

IBM DB2 Database Server

SRM Connectivity to IBM DB/2 (for SRM database)

Site Recovery Manager1.x-4.x

8095

TCP

vSphere Client

vCenter Server

SRM server and vCenter Server (intrasite only).

Site Recovery Manager1.x-4.x

8095

TCP

vSphere Client

Site Recovery Manager

SRM client plug-in to communicate with vCenter Server

Site Recovery Manager1.x-4.x

8096

TCP

Site Recovery Manager

vCenter Server

vCenter Server (for Plug-in download).

Site Recovery Manager1.x-4.x

9007

TCP

Site Recovery Manager

External SRM API Client

SRM communication via WSDL

Site Recovery Manager1.x-4.x

9007

TCP

vSphere Client

vCenter Server

SRM client plugin to communicate with vCenter Server

Site Recovery Manager1.x-4.x

9008

TCP

Site Recovery Manager

External SRM API Client

SRM communication via HTTP

Site Recovery Manager 5.x

80

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication. SRM Server at Site A to vCenter Server at Site B (failover) over HTTP and SSL tunnel

Site Recovery Manager 5.x

80

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication with local vCenter server (inventory)  vSphere Client Plug-in download

Site Recovery Manager 5.x

443

TCP

Site Recovery Manager

Remote vCenter Server

SRM communication with remote vCenter Server via HTTP over SSL tunnel

Site Recovery Manager 5.x

902

TCP

Site Recovery Manager

Remote ESX/ESXi host

Update/communicate to virtual machines files over NFC for IP customization/RDMs

Site Recovery Manager 5.x

1433

TCP

Site Recovery Manager

Microsoft SQL Server

SRM Connectivity to Microsoft SQL Server (for SRM database)

Site Recovery Manager 5.x

1521

TCP

Site Recovery Manager

Oracle Database Server

SRM Connectivity to Oracle (for SRM database)

Site Recovery Manager 5.x

1526

TCP

Site Recovery Manager

Oracle Database Server

SRM Connectivity to Oracle (for SRM database)

Site Recovery Manager 5.x

5000

TCP

Site Recovery Manager

IBM DB2 Database Server

SRM Connectivity to IBM DB/2 (for SRM database)

Site Recovery Manager 5.x

5480

TCP

Site Recovery Manager Web User Interface

HBR Server Appliance

vSphere Replication web user interface to HBR server appliance

Site Recovery Manager 5.x

8043

TCP

vCenter Proxy

HMS Appliance

SOAP port between vCenter Proxy and HMS

Site Recovery Manager 5.x

8080

TCP

Site Recovery Manager Web User Interface

HMS Appliance

VAMI web user interface to HMS appliance

Site Recovery Manager 5.x

8095

TCP

Site Recovery Manager

vCenter server

SRM server and vCenter server (intrasite only).

Site Recovery Manager 5.x

8095

TCP

vSphere Client

Site Recovery Manager

SRM client plugin to communicate with SRM server

Site Recovery Manager 5.x

8095

TCP

vSphere Client

vCenter server

SRM client plugin to communicate with vCenter server

Site Recovery Manager 5.x

8096

TCP

Site Recovery Manager

vCenter server

vCenter server (for plug-in download).

Site Recovery Manager 5.x

8123

TCP

Site Recovery Manager

vSphere Replication Management Server

SOAP port between SRM and vSphere Replication Management server

Site Recovery Manager 5.x

9007

TCP

Site Recovery Manager

External SRM API Client

SRM communication via WSDL

Site Recovery Manager 5.x

9007

TCP

vSphere Client

vCenter server

SRM client plugin to communicate with vCenter server

Site Recovery Manager 5.x

9008

TCP

Site Recovery Manager

External SRM API Client

SRM communication via HTTP

Site Recovery Manager 5.x

9085

TCP

Site Recovery Manager

Site Recovery Manger

HTTP interface for downloading the UI plugin and icons

Site Recovery Manager 5.x

31031

TCP

vSphere Replication

vSphere Replication

HBR replication traffic

Site Recovery Manager 5.x

44046

TCP

vSphere Replication

vSphere Replication

HBR replication traffic

Stage Manager

137

UDP

ESX Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs

Stage Manager

138

UDP

ESX Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs

Stage Manager

139

TCP

ESX Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs

Stage Manager

389

TCP/UDP

Stage Manager Server

LDAP Server

LDAP Authentication (optional)

Stage Manager

443

TCP

Client PC

Stage Manager Server

Stage Manager Console (Web Browser)

Stage Manager

443

TCP

Stage Manager Server

ESX Host

Stage Manager Server communication with ESX Host Agent

Stage Manager

443

TCP

Stage Manager Server

vCenter Server

Stage Manager Server communication with vCenter Server

Stage Manager

445

TCP

ESX Host

SMB File Server

SMB File Sharing for Importing/Exporting VMs

Stage Manager

514

TCP

Stage Manager Server

ESX Host

ESX Host Virtual Router

Stage Manager

636

TCP

Stage Manager Server

LDAP Server

LDAPS Authentication (optional)

Stage Manager

5212

TCP

Stage Manager Server

ESX Host

Stage Manager Agent

Update Manager

80

TCP

Update Manager Server

www.vmware.com and xml.shavlik.com

To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com

Update Manager

80

TCP

ESX/ESXi Host

Update Manager Host

ESX/ESXi Host to Update Manager Server. The reverse proxy forwards the request to port 9084

Update Manager

80

TCP

Update Manager Server

vCenter Server

Update Manager to vCenter Server communication

Update Manager

443

TCP

Update Manager Server

www.vmware.com and xml.shavlik.com

To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com

Update Manager

443

TCP

ESX/ESXi Host

Update Manager Server

ESX/ESXi Host to Update Manager Server . The reverse proxy forwards the request to port 9084

Update Manager

443

TCP

vCenter Server

Update Manager Server

vCenter Server to Update Manager Server. The reverse proxy forwards the request to port 8084

Update Manager

735

TCP

Update Manager Server

Virtual Machines

Update Managerlistenerport (rdevServer.exe) part of theRemote Device Server used for virtual machine patching.

Update Manager

902

TCP

Update Manager Server

ESX/ESXi Host

To push patches and updates from Update Manager to the ESX/ESXi Hosts to be updated

Update Manager

1433

TCP

Update Manager Server

Microsoft SQL Server

Update Manager to Microsoft SQL Server connectivity (for UM Database)

Update Manager

1521

TCP

Update Manager Server

Oracle Database Server

Update Manager to Oracle connectivity (for UM Database)

Update Manager

8084

TCP

Update Manager Server

vCenter Server

SOAP between components of Update Manager Server and the vCenter Update Manager client plug-in. Configurable at install.

Update Manager

9084

TCP

ESX/ESXi host

Update Manager Server

ESX/ESXi hosts connect to the VUM (VMware Update Manager) webserver listening for updates. Configurable at install.

Update Manager

9087

TCP

Update Manager Server

vCenter Server

Port used for uploading host update files. Configurable at install.

Update Manager

9000 to 9100

TCP

ESX/ESXi Host

Update Manager Server

This is the recommend port range from which to choose ports for Update Manager if ports 80 and 443 are already in use. Update Manager automatically opens these ports for ESX Host scanning and remediation.

vCenter 2.5.x

25

TCP

vCenter Server

SMTP Server

Email notifications

vCenter 2.5.x

53

UDP

vCenter Server

DNS Server

DNS lookups

vCenter 2.5.x

80

TCP

Client PC

vCenter Server

Redirect Web Browser to HTTPS Service (443)

vCenter 2.5.x

88

TCP

vCenter Server

Active Directory Server

AD Authentication

vCenter 2.5.x

88

UDP

vCenter Server

Active Directory Server

AD Authentication

vCenter 2.5.x

161

UDP

SNMP Server

vCenter Server

SNMP Polling

vCenter 2.5.x

162

UDP

vCenter Server

SNMP Server

SNMP Trap Send

vCenter 2.5.x

389

TCP/UDP

vCenter Server

LDAP Server

LDAP Authentication

vCenter 2.5.x

443

TCP

vCenter Server

ESX/ESXi Host

vCenter Agent

vCenter 2.5.x

443

TCP

Client PC

vCenter Server

VI Web Access (Web Browser)

vCenter 2.5.x

443

TCP

VI / vSphere Client

vCenter Server

VI / vSphere Client access to vCenter Server

vCenter 2.5.x

445

TCP

vCenter Server

Active Directory Server

AD Authentication

vCenter 2.5.x

445

UDP

vCenter Server

Active Directory Server

AD Authentication

vCenter 2.5.x

902

TCP/UDP

vCenter Server

ESX/ESXi Host

Heartbeat

vCenter 2.5.x

902

TCP/UDP

ESX/ESXi Host

vCenter Server

Heartbeat

vCenter 2.5.x

903

TCP

Client PC

vCenter Server

VI / vSphere Client to VM Console

vCenter 2.5.x

903

TCP

vCenter Server

ESX/ESXi Host

VI / vSphere Client to VM Console (after connection established between VI / vSphere Client and vCenter)

vCenter 2.5.x

1433

TCP

vCenter Server

Microsoft SQL Server

For vCenter Microsoft SQL Server Database

vCenter 2.5.x

1521

TCP

vCenter Server

Oracle Database Server

For vCenter Oracle Database

vCenter 2.5.x

5989

TCP

VirtualCenter/vCenter

ESX/ESXi Host

vCenter to ESX

vCenter 2.5.x

5989

TCP

ESX/ESXi Host

VirtualCenter/vCenter

ESX to vCenter

vCenter 2.5.x

8005

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 2.5.x

8006

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 2.5.x

8083

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 2.5.x

8085

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics/SDK

vCenter 2.5.x

8086

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 2.5.x

8087

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 2.5.x

27000

TCP

vCenter Server

VMware License Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 2.5.x

27000

TCP

VMware License Server

vCenter Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 2.5.x

27010

TCP

vCenter Server

VMware License Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 2.5.x

27010

TCP

VMware License Server

vCenter Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 4.x

25

TCP

vCenter Server

SMTP Server

Email notifications

vCenter 4.x

53

UDP

vCenter Server

DNS Server

DNS lookups

vCenter 4.x

80

TCP

Client PC

vCenter Server

Redirect Web Browser to HTTPS Service (443)

vCenter 4.x

80

TCP

vCenter Server

ESX/ESXi 4.x

DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol

vCenter 4.x

88

UDP

vCenter Server

Active Directory Server

AD Authentication

vCenter 4.x

88

TCP

vCenter Server

Active Directory Server

AD Authentication

vCenter 4.x

135

TCP

vCenter Server

vCenter Server

Linked Mode

vCenter 4.x

161

UDP

SNMP Server

vCenter Server

SNMP Polling

vCenter 4.x

162

UDP

vCenter Server

SNMP Server

SNMP Trap Send

vCenter 4.x

389

TCP/UDP

vCenter Server

Linked vCenter Servers

Bi-directional LDAP authentication with Kerberos encryption on TCP port 389 is required between all vCenters that need to replicate.

vCenter 4.x

443

TCP

vCenter Server

ESX/ESXi Host

vCenter Agent

vCenter 4.x

443

TCP

vCenter Server

ESX/ESXi 4.x

Host DPM with HP iLO Remote Management and Control Protocol

vCenter 4.x

443

TCP

Client PC

vCenter Server

VI Web Access (Web Browser)

vCenter 4.x

443

TCP

vSphere Client

vCenter Server

vSphere Client access to vCenter Server

vCenter 4.x

445

TCP

vCenter Server

Active Directory Server

AD Authentication

vCenter 4.x

445

UDP

vCenter Server

Active Directory Server

AD Authentication

vCenter 4.x

623

UDP

vCenter Server

ESX/ESXi 4.x Host

DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol

vCenter 4.x

636

TCP

vCenter Server

Linked vCenter Servers

Linked mode connectivity between vCenter Servers

vCenter 4.x

902

TCP/UDP

vCenter Server

ESX/ESXi Host

Heartbeat

vCenter 4.x

902

TCP/UDP

ESX/ESXi Host

vCenter Server

Heartbeat

vCenter 4.x

903

TCP

Client PC

vCenter Server

VI / vSphere Client to VM Console

vCenter 4.x

902

TCP

vCenter Server

ESX/ESXi Host

VI / vSphere Client to VM Console (after connection established between VI / vSphere Client and vCenter)

vCenter 4.x

1024 (dynamic)

RPC

Linked vCenter Servers

Linked vCenter Servers

Bi-directional RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM). A VIC still needs a direct connection to all vCenters that own an object it needs to manage.

vCenter 4.x

1433

TCP

vCenter Server

Microsoft SQL Server

For vCenter Microsoft SQL Server Database

vCenter 4.x

1521

TCP

vCenter Server

Oracle Database Server

For vCenter Oracle Database

vCenter 4.x

5989

TCP

vCenter Server

ESX/ESXi Host

vCenter to ESX

vCenter 4.x

5989

TCP

ESX/ESXi Host

vCenter Server

ESX to vCenter

vCenter 4.x

8005

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 4.x

8006

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 4.x

8080

TCP

Client PC

vCenter Server 4.x

VMware vCenter 4 Management Web Services - HTTP

vCenter 4.x

8083

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 4.x

8085

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics/SDK

vCenter 4.x

8086

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 4.x

8087

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 4.x

8443

TCP

Client PC

vCenter Server 4.x

VMware vCenter 4 Management Web Services - HTTPS

vCenter 4.x

8443

TCP

vCenter Server

vCenter Server

Linked Mode

vCenter 4.x

27000

TCP

vCenter Server

VMware License Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 4.x

27000

TCP

VMware License Server

vCenter Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 4.x

27010

TCP

vCenter Server

VMware License Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 4.x

27010

TCP

VMware License Server

vCenter Server

Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported

vCenter 4.1

60099

TCP

vCenter Server

vCenter Server Services

This port is for internal communication between vCenter Server and its solutions. Specifically, it is used to exchange messages about inventory. If you do not have it open, a solution that integrates with vCenter Server using this service may be affected.

vCenter 5.x

25

TCP

vCenter Server

SMTP Server

Email notifications

vCenter 5.x

53

UDP

vCenter Server

DNS Server

DNS lookups

vCenter 5.x

80

TCP

Client PC

vCenter Server

vCenter Server requires port 80 for direct HTTP connections.

vCenter 5.x

80

TCP

vCenter Server

ESXi 5.x

DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol

vCenter 5.x

88

UDP

vCenter Server

Active Directory Server

AD Authentication

vCenter 5.x

88

TCP

vCenter Server

Active Directory Server

AD Authentication

vCenter 5.x

135

TCP

vCenter Server

vCenter Server

Linked Mode

vCenter 5.x

161

UDP

SNMP Server

vCenter Server

SNMP Polling

vCenter 5.x

162

UDP

vCenter Server

SNMP Server

SNMP Trap Send

vCenter 5.x

389

TCP/UDP

vCenter Server

Linked vCenter Servers

This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, you can run the LDAP service on any port from 1025 through 65535.

vCenter 5.x

443

TCP

vSphere Client

vCenter Server

vCenter Server system uses to listen for connections from the vSphere Client.

vCenter 5.x

443

TCP

vCenter Server

ESXi 5.x

vCenter Agent. Host DPM with HP iLO Remote Management and Control Protocol

vCenter 5.x

623

UDP

vCenter Server

ESXi 5.x

DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol

vCenter 5.x

636

TCP

vCenter Servers

Linked vCenter Servers

vCenter Server Linked Mode, this is the SSL port of the local instance.

vCenter 5.x

902

TCP

vCenter Server

ESXi 5.x

vCenter Server system uses to send data to managed hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts.

vCenter 5.x

902

UDP

vCenter Server

ESXi 5.x

Managed hosts send a regular heartbeat to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts.

vCenter 5.x

902

TCP/UDP

vSphere Client

ESXi 5.x

vSphere Client uses this ports to display virtual machine consoles.

vCenter 5.x

902

TCP/UDP

ESXi 5.x

ESXi 5.x

Host access to other hosts for migration and provisioning

vCenter 5.x

903

TCP

vSphere Client

ESXi 5.x

Remote console traffic generated by user access to virtual machines on a specific host.

vCenter 5.x

1024 (dynamic)

RPC

Linked vCenter Servers

Linked vCenter Servers

Bi-directional RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM). A VIC still needs a direct connection to all vCenters that own an object it needs to manage.

vCenter 5.x

1433

TCP

vCenter Server

Microsoft SQL Server

For vCenter Microsoft SQL Server Database

vCenter 5.x

1521

TCP

vCenter Server

Oracle Database Server

For vCenter Oracle Database

vCenter 5.x

5988

TCP

ESXi 5.x

vCenter Server

CIM transactions over HTTP

vCenter 5.x

5989

TCP

vCenter Server

ESXi 5.x

CIM XML transactions over HTTPS

vCenter 5.x

5989

TCP

ESXi 5.x

vCenter Server

CIM XML transactions over HTTPS

vCenter 5.x

7500

UDP

vCenter Server

vCenter Server

Linked Mode, Java Discovery Port

vCenter 5.x

8000

TCP

vCenter Server

ESXi 5.x

Requests from vMotion

vCenter 5.x

8005

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 5.x

8006

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 5.x

8080

TCP

Client PC

vCenter Server

Web Services HTTP. Used for the VMware VirtualCenter Management Web Services.

vCenter 5.x

8083

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 5.x

8085

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics/SDK

vCenter 5.x

8086

TCP

vCenter Server

vCenter Server

Internal Communication Port

vCenter 5.x

8087

TCP

vCenter Server

vCenter Server

Internal Service Diagnostics

vCenter 5.x

8443

TCP

Client PC

vCenter Server

Web Services HTTPS. Used for the VMware VirtualCenter Management Web Services.

vCenter 5.x

8443

TCP

vCenter Server

vCenter Server

Linked Mode

vCenter 5.x

9443

TCP

Client PC

vCenter Server

vSphere Web Client Access

vCenter 5.x

10109

TCP

vCenter Server

vCenter Server

vCenter Inventory Service Service Management

vCenter 5.x

10111

TCP

vCenter Server

vCenter Server

vCenter Inventory Service Linked Mode Communication

vCenter 5.x

10443

TCP

Client PC

vCenter Server

vCenter Inventory Service HTTPS

vCenter 5.x

51915

TCP

ESXi

vSphere Authentication Proxy

This is a web service, which is used to add host to Active Directory domain.

vCenter 5.x

60099

TCP

vCenter Server

vCenter Server

Web Service change service notification port

vCenter Infrastructure Navigator 1.x

22

TCP

Client PC

vCenter Infrastructure Navigator Appliance

Enables SSH access to vCenter Infrastructure Appliance

vCenter Infrastructure Navigator 1.x

80

TCP

vCenter Infrastructure Navigator

vSphere Web service API

HTTP web service

vCenter Infrastructure Navigator 1.x

443

TCP

vCenter Infrastructure Navigator

vSphere Web service API

HTTPS web service

vCenter Infrastructure Navigator 1.x

443

TCP

vCenter Infrastructure Navigator

ESX/ESXi hosts and virtual machines

VIX protocol on target hosts to perform discovery

vCenter Infrastructure Navigator 1.x

902

TCP

vCenter Infrastructure Navigator

ESX/ESXi hosts and virtual machines

VIX protocol on target hosts to perform discovery

vCenter Infrastructure Navigator 1.x

2868

TCP

vCenter Server

vCenter Infrastructure Navigator

Plug-in downloads. This download happens as part of the registration process.

vCenter Infrastructure Navigator 1.x

6969

TCP

vCenter Server

vCenter Infrastructure Navigator

Connectivity from vSphere Web Client to vCenter Infrastructure Navigator

vCloud Usage Meter

80

TCP

vCloud Usage Meter

vCenter Server

This is for vSphere API

vCloud Usage Meter

443

TCP

vCloud Usage Meter

vCenter Server

This is for vSphere API

vCloud Usage Meter

5480

TCP

vCenter Update Manager

vCloud Usage Meter

This is used for virtual appliance updates

vCloud Usage Meter

8443

TCP

Client Browser

vCloud Usage Meter

This is for WebApp

vCenter Operations Standard 1.x

22

TCP

SSH Client

vCenter Operations Standard 1.x virtual appliance

Enables SSH access to the vCenter Operations Standard virtual appliance

vCenter Operations Standard 1.x

443

TCP

Browser or vSphere Client plugin

vCenter Operations Standard 1.x virtual appliance

HTTPS server port for the vCenter Operations Standard Administration page

vCenter Operations Standard 1.x

5480

TCP

Browser

vCenter Operations Standard 1.x virtual appliance

HTTPS server port for the VMware Studio Web console to administer the virtual appliance

vCenter Operations Manager (vApp) 5.x

80

TCP

Browser

vCenter Operations Manager UI VM

HTTP server port that unconditionally redirects to HTTPS port

vCenter Operations Manager (vApp) 5.x

443

TCP

Browser or vSphere Client plugin

vCenter Operations Manager UI VM

HTTPS server port for the vCenter Operations Manager UIs: Administration, vSphere, and Custom

vCenter Operations Manager (vApp) 5.x

22

TCP

SSH Client

vCenter Operations Manager UI VM, vCenter Operations Manager Analytics VM

Enables SSH access to the vCenter Operations Manager virtual appliance

vCenter Operations Manager (vApp) 5.x

1194

TCP

vCenter Operations Manager Analytics VM

vCenter Operations Manager UI VM

Open VPN tunnel for communication between the two VMs

vCenter Operations Manager (Standalone) 5.x

443

TCP

vCenter Operations Manager UI VM, vCenter Operations Manager Analytics VM

vCenter Server

UI VM: Registration of vCenter Operations Manager as an extension to vCenter, Analytics VM: Collecting metric data from vCenter

vCenter Operations Manager (Standalone) 5.x

80

TCP

Browser

vCenter Operations Manager (Standalone)

(If chosen during configuration) HTTP port to access vCenter Operations Manager UI

vCenter Operations Manager (Standalone) 5.x

443

TCP

Browser

vCenter Operations Manager (Standalone)

(If chosen during configuration) HTTPS port to access vCenter Operations Manager UI

vCenter Operations Manager (Standalone) 5.x

1199

TCP

vCenter Operations Manager remote collector

vCenter Operations Manager (Standalone)

Heartbeat connection between remote collector and main vCenter Operations Manager server

vCenter Operations Manager (Standalone) 5.x

61616

TCP

vCenter Operations Manager remote collector

vCenter Operations Manager (Standalone)

Connection between remote collector and ActiveMQ component on the main vCenter Operations Manager server

vCenter Operations Manager (Standalone) 5.x

443

TCP

vCenter Operations Manager local/remote collector

vCenter Server

Connection between remote collector and ActiveMQ component on the main vCenter Operations Manager server

View 3.x

3389

TCP

Thin Client

ESX host

RDP Protocol

View 3.x

18443

TCP

View Connection Server/View Manager

vCenter Server

View Composer

View 3.x

32111

TCP

View Agent (Virtual Desktop)

View Client

USB Device Communication

View 3.x

32111

TCP

View Client

View Agent (Virtual Desktop)

USB Device Communication

View 4.0.x

902

TCP

View Client/View Client with Offline Desktop

ESX Host

(Optional) View Client with Offline Desktop data is downloaded and uploaded through this port.

View 4.0.x

3268

TCP

View/VDM Connection Server/View Manager

Active Directory Server

Global Catalog Server

View 4.0.x

3269

TCP

View/VDM Connection Server/View Manager

Active Directory Server

Global Catalog Server

View 4.0.x

3389

TCP

Thin Client

ESX host

RDP Protocol

View 4.0.x

9427

TCP

View Client/View Client with Offline Desktop

View Agent (Virtual Desktop)

(Optional) Multimedia Redirection (MMR). MMR is supported by View Client and View Client with Offline Desktop on certain operating systems.

View 4.0.x

18443

TCP

View Connection Server/View Manager

vCenter Server

View Composer

View 4.0.x

50002

TCP/UDP

View Agent (Virtual Desktop)

View Client

PCoIP (AES 128-bit encryption)

View 4.0.x

50002

TCP/UDP

View Client

View Agent (Virtual Desktop)

PCoIP (AES 128-bit encryption)

View 4.5.x

-

-

-

-

For more information, see Network connectivity requirements for VMware View Manager 4.5 and later (1027217).

View 4.5.x

80/443

TCP

View Client with Local Mode

View Transfer Server

HTTP(S) access via direct connection for downloading and uploading Local Mode data

View 4.5.x

80/443

TCP

Security Server

View Transfer Server

HTTP(S) access via tunnel connection for downloading and uploading Local Mode data

View 4.5.x

902

TCP

View Connection Server

ESX Host

Used when checking out local desktops. Must be accessible on your ESX host when using View Client with Local Mode.

View 4.5.x

902

TCP

View Transfer Server

ESX Host

Publishing View Composer packages for Local Mode

View 4.5.x

4001

TCP

View Connection Server

View Transfer Server

Required by JMS for Local Mode

View 4.5.x

4172

TCP/UDP

View Client

View Agent (Virtual Desktop)

PCoIP (AES 128-bit encryption)

View 4.5.x

50002

UDP

View Agent (Virtual Desktop)

View Client

PCoIP (AES 128-bit encryption)

View 4.6.x

-

-

-

-

For more information, see Network connectivity requirements for VMware View Manager 4.5 and later (1027217).

View 4.6.x

80/443

TCP

View Client with Local Mode

View Transfer Server

HTTP(S) access via direct connection for downloading and uploading Local Mode data

View 4.6.x

80/443

TCP

Security Server

View Transfer Server

HTTP(S) access via direct connection for downloading and uploading Local Mode data

View 4.6.x

902

TCP

View Connection Server

ESX Host

Used when checking out local desktops. Must be accessible on your ESX host when using View Client with Local Mode.

View 4.6.x

902

TCP

View Transfer Server

ESX Host

Publishing View Composer packages for Local Mode

View 4.6.x

4001

TCP

View Connection Server

View Transfer Server

Required by JMS for Local Mode

View 4.6.x

4172

TCP/UDP

View Client

View Agent (Virtual Desktop)

PCoIP (AES 128-bit encryption)

View 4.6.x

50002

UDP

View Agent (Virtual Desktop)

View Client

PCoIP (AES 128-bit encryption)

View 5.x

-

-

-

-

For more information, see Network connectivity requirements for VMware View Manager 4.5 and later (1027217).

View 5.x

80/443

TCP

View Client with Local Mode

View Transfer Server 

HTTP(S) access via direct connection for downloading and uploading Local Mode data

View 5.x

80/443

TCP

Security Server

View Transfer Server 

HTTP(S) access via direct connection for downloading and uploading Local Mode data

View 5.x

902 

TCP

View Connection Server

ESX Host

Used when checking out local desktops. Must be accessible on your ESX host when using View Client with Local Mode. 

View 5.x

902

TCP

View Transfer Server 

ESX Host

Publishing View Composer packages for Local Mode

View 5.x

4001

TCP

View Connection Server

View Transfer Server 

Required by JMS for Local Mode

View 5.x

4172

TCP/UDP 

View Client

View Agent (Virtual Desktop)

PCoIP (AES 128-bit encryption)

View 5.x

50002

UDP 

View Agent (Virtual Desktop)

View Client

PCoIP (AES 128-bit encryption)

View/VDM 2.x

80

TCP

View/VDM Client

View/VDM Security Server

VDM Access (not required if only HTTPS is to be supported)

View/VDM 2.x

80

TCP

Client PC

View/VDM Security Server

VDM Web Access (not required if only HTTPS is to be supported). The Security Server used as a proxy in a DMZ to allow for external connections in. The View Manager/Connection Broker has an ADAM instance on it.

View/VDM 2.x

80

TCP

View/VDM Client

View/VDM Connection Server

VDM Access (not required if only HTTPS is to be supported)

View/VDM 2.x

80

TCP

Client PC

View/VDM Connection Server

VDM Web Access (not required if only HTTPS is to be supported).

View/VDM 2.x

88

UDP

View/VDM Connection Server/View Manager

Active Directory Server

AD Authentication

View/VDM 2.x

88

TCP

View/VDM Connection Server/View Manager

Active Directory Server

AD Authentication

View/VDM 2.x

389

TCP/UDP

View/VDM Connection Server/View Manager

LDAP Server

LDAP Authentication

View/VDM 2.x

443

TCP

View/VDM Client

View/VDM Security Server

VDM Access

View/VDM 2.x

443

TCP

Client PC

View/VDM Connection Server/View Manager

VDM Web Access and VDM Administration

View/VDM 2.x

443

TCP

Thin Client

View/VDM Connection Server/View Manager

VDM API

View/VDM 2.x

443

TCP

View/VDM Client

View/VDM Connection Server/View Mana