Required ports for configuring an external firewall to allow ESX/ESXi and vCenter Server traffic
search cancel

Required ports for configuring an external firewall to allow ESX/ESXi and vCenter Server traffic

book

Article ID: 304715

calendar_today

Updated On:

Products

VMware vCenter Server VMware vSphere ESXi

Issue/Introduction

This article provides information related to configuring an external firewall to allow ESX/ESXi and vCenter Server traffic.

Environment

VMware ESX 3.0.x VMware VirtualCenter 2.0.x
VMware ESX 3.5.x VMware VirtualCenter 2.5.x
VMware ESXi 3.5.x VMware vCenter Server 4.0.x
VMware ESXi 4.0.x VMware vCenter Server 4.1.x
VMware ESXi 4.1.x VMware vCenter Server 5.0.x
VMware vSphere ESXi 5.0 VMware vCenter Server 5.1.x
VMware vSphere ESXi 5.1 VMware vCenter Server 5.5.x
VMware vSphere ESXi 5.5 VMware vCenter Server 6.0.x
VMware vSphere ESXi 6.0 VMware vCenter Server 6.5.x
VMware vSphere ESXi 6.5 VMware vCenter Server 6.x
VMware vSphere ESXi 6.7 VMware vCenter Server 7.x
VMware vSphere ESXi 7.x  

Resolution


Note: Please refer to VMware Ports and Protocols for a comprehensive list of the TCP and UDP ports required in vSphere 6.5, 6.7, 7.0 and 8.0.

For older vSphere versions these ports are mandatory:
  • 22 - SSH (TCP)
  • 53 - DNS (TCP and UDP)
  • 80 - HTTP (TCP/UDP)
  • 902 - vCenter Server / VMware Infrastructure Client - UDP for ESX/ESXi Heartbeat (UDP and TCP)
  • 903 - Remote Access to VM Console (TCP)
  • 443 - Web Access (TCP)
  • 27000, 27010 - License Server (Valid for ESX/ESXi 3.x hosts only)
These ports are optional:
  • 123 - NTP (UDP)
  • 161, 162 - SNMP (UDP)
  • 88 - Kerberos (UDP and TCP)
  • 464 - Active Directory (TCP and UDP)
  • 3260 - Software iSCSI (TCP)



Powered by Wolken Software