vCenter Server 4.x |
25 |
TCP |
vCenter Server |
SMTP Server |
Email notifications |
vCenter Server 4.x |
53 |
UDP |
vCenter Server |
DNS Server |
DNS lookups |
vCenter Server 4.x |
80 |
TCP |
Client PC |
vCenter Server |
Redirect Web Browser to HTTPS Service (443) |
vCenter Server 4.x |
80 |
TCP |
vCenter Server |
ESXi/ESX 4.x |
DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol |
vCenter Server 4.x |
88 |
UDP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 4.x |
88 |
TCP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 4.x |
135 |
TCP |
vCenter Server |
vCenter Server |
Linked Mode |
vCenter Server 4.x |
161 |
UDP |
SNMP Server |
vCenter Server |
SNMP Polling |
vCenter Server 4.x |
162 |
UDP |
vCenter Server |
SNMP Server |
SNMP Trap Send |
vCenter Server 4.x |
389 |
TCP/UDP |
vCenter Server |
Linked vCenter Servers |
Bi-directional LDAP authentication with Kerberos encryption on TCP port 389 is required between all vCenter Servers that need to replicate. |
vCenter Server 4.x |
443 |
TCP |
vCenter Server |
ESXi/ESX Host |
vCenter Server Agent |
vCenter Server 4.x |
443 |
TCP |
vCenter Server |
ESXi/ESX 4.x |
Host DPM with HP iLO Remote Management and Control Protocol |
vCenter Server 4.x |
443 |
TCP |
Client PC |
vCenter Server |
VI Web Access (Web Browser) |
vCenter Server 4.x |
443 |
TCP |
vSphere Client |
vCenter Server |
vSphere Client access to vCenter Server |
vCenter Server 4.x |
445 |
TCP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 4.x |
445 |
UDP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 4.x |
623 |
UDP |
vCenter Server |
ESXi/ESX 4.x Host |
DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol |
vCenter Server 4.x |
636 |
TCP |
vCenter Server |
Linked vCenter Servers |
Linked mode connectivity between vCenter Servers |
vCenter Server 4.x |
902 |
TCP/UDP |
vCenter Server |
ESXi/ESX Host |
Heartbeat |
vCenter Server 4.x |
902 |
TCP/UDP |
ESXi/ESX Host |
vCenter Server |
Heartbeat |
vCenter Server 4.x |
903 |
TCP |
Client PC |
vCenter Server |
VI / vSphere Client to VM Console |
vCenter Server 4.x |
902 |
TCP |
vCenter Server |
ESXi/ESX Host |
VI / vSphere Client to VM Console (after connection established between VI / vSphere Client and vCenter Server) |
vCenter Server 4.x |
1024 (dynamic) |
RPC |
Linked vCenter Servers |
Linked vCenter Servers |
Bi-directional RPC communication on dynamic TCP ports is required between all vCenter Servers that need to replicate (via ADAM). A VIC still needs a direct connection to all vCenter Servers that own an object it needs to manage. |
vCenter Server 4.x |
1433 |
TCP |
vCenter Server |
Microsoft SQL Server |
For vCenter Server Microsoft SQL Server Database |
vCenter Server 4.x |
1521 |
TCP |
vCenter Server |
Oracle Database Server |
For vCenter Server Oracle Database |
vCenter Server 4.x |
5989 |
TCP |
vCenter Server |
ESXi/ESX Host |
vCenter Server to ESX |
vCenter Server 4.x |
5989 |
TCP |
ESXi/ESX Host |
vCenter Server |
ESX to vCenter Server |
vCenter Server 4.x |
8005 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 4.x |
8006 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 4.x |
8080 |
TCP |
Client PC |
vCenter Server 4.x |
VMware vCenter Server 4 Management Web Services - HTTP |
vCenter Server 4.x |
8083 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics |
vCenter Server 4.x |
8085 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics/SDK |
vCenter Server 4.x |
8086 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 4.x |
8087 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics |
vCenter Server 4.x |
8089 |
TCP |
vCenter Server |
vCenter Server |
SDK Tunneling Port |
vCenter Server 4.x |
8443 |
TCP |
Client PC |
vCenter Server 4.x |
VMware vCenter Server 4 Management Web Services - HTTPS |
vCenter Server 4.x |
8443 |
TCP |
vCenter Server |
vCenter Server |
Linked Mode |
vCenter Server 4.x |
27000 |
TCP |
vCenter Server |
VMware License Server |
Licensing via FlexLM. Only required by vCenter Server 4 if ESXi/ESX 3.x Hosts will be supported |
vCenter Server 4.x |
27000 |
TCP |
VMware License Server |
vCenter Server |
Licensing via FlexLM. Only required by vCenter Server 4 if ESXi/ESX 3.x Hosts will be supported |
vCenter Server 4.x |
27010 |
TCP |
vCenter Server |
VMware License Server |
Licensing via FlexLM. Only required by vCenter Server 4 if ESXi/ESX 3.x Hosts will be supported |
vCenter Server 4.x |
27010 |
TCP |
VMware License Server |
vCenter Server |
Licensing via FlexLM. Only required by vCenter Server 4 if ESXi/ESX 3.x Hosts will be supported |
vCenter Server 4.1 |
60099 |
TCP |
vCenter Server |
vCenter Server Services |
This port is for internal communication between vCenter Server and its solutions. Specifically, it is used to exchange messages about inventory. If you do not have it open, a solution that integrates with vCenter Server using this service may be affected. |
vCenter Server 5.x |
25 |
TCP |
vCenter Server |
SMTP Server |
Email notifications |
vCenter Server 5.x |
53 |
UDP |
vCenter Server |
DNS Server |
DNS lookups |
vCenter Server 5.x |
80 |
TCP |
Client PC |
vCenter Server |
vCenter Server requires port 80 for direct HTTP connections. |
vCenter Server 5.x |
80 |
TCP |
vCenter Server |
ESXi 5.x |
DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol |
vCenter Server 5.x |
88 |
UDP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 5.x |
88 |
TCP |
vCenter Server |
Active Directory Server |
AD Authentication |
vCenter Server 5.x |
135 |
TCP |
vCenter Server |
vCenter Server |
Linked Mode |
vCenter Server 5.x |
161 |
UDP |
SNMP Server |
vCenter Server |
SNMP Polling |
vCenter Server 5.x |
162 |
UDP |
vCenter Server |
SNMP Server |
SNMP Trap Send |
vCenter Server 5.x |
389 |
TCP/UDP |
vCenter Server |
Linked vCenter Servers |
This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, you can run the LDAP service on any port from 1025 through 65535. |
vCenter Server 5.x |
443 |
TCP |
vSphere Client |
vCenter Server |
vCenter Server system uses to listen for connections from the vSphere Client. |
vCenter Server 5.x |
443 |
TCP |
vCenter Server |
ESXi 5.x |
vCenter Server Agent. Host DPM with HP iLO Remote Management and Control Protocol |
vCenter Server 5.x |
623 |
UDP |
vCenter Server |
ESXi 5.x |
DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol |
vCenter Server 5.x |
636 |
TCP |
vCenter Servers |
Linked vCenter Servers |
vCenter Server Linked Mode, this is the SSL port of the local instance. |
vCenter Server 5.x |
902 |
TCP |
vCenter Server |
ESXi 5.x |
vCenter Server system uses to send data to managed hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts. |
vCenter Server 5.x |
902 |
UDP |
vCenter Server |
ESXi 5.x |
Managed hosts send a regular heartbeat to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts. |
vCenter Server 5.x |
902 |
TCP/UDP |
vSphere Client |
ESXi 5.x |
vSphere Client uses this ports to display virtual machine consoles. |
vCenter Server 5.x |
902 |
TCP/UDP |
ESXi 5.x |
ESXi 5.x |
Host access to other hosts for migration and provisioning |
vCenter Server 5.x |
903 |
TCP |
vSphere Client |
ESXi 5.x |
Remote console traffic generated by user access to virtual machines on a specific host. |
vCenter Server 5.x |
1024 (dynamic) |
RPC |
Linked vCenter Servers |
Linked vCenter Servers |
Bi-directional RPC communication on dynamic TCP ports is required between all vCenter Servers that need to replicate (via ADAM). A VIC still needs a direct connection to all vCenter Servers that own an object it needs to manage. |
vCenter Server 5.x |
1433 |
TCP |
vCenter Server |
Microsoft SQL Server |
For vCenter Server Microsoft SQL Server Database |
vCenter Server 5.x |
1521 |
TCP |
vCenter Server |
Oracle Database Server |
For vCenter Server Oracle Database |
vCenter Server 5.x |
5988 |
TCP |
ESXi 5.x |
vCenter Server |
CIM transactions over HTTP |
vCenter Server 5.x |
5989 |
TCP |
vCenter Server |
ESXi 5.x |
CIM XML transactions over HTTPS |
vCenter Server 5.x |
5989 |
TCP |
ESXi 5.x |
vCenter Server |
CIM XML transactions over HTTPS |
vCenter Server 5.x |
7500 |
UDP |
vCenter Server |
vCenter Server |
Linked Mode, Java Discovery Port |
vCenter Server 5.x |
8005 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 5.x |
8006 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 5.x |
8009 |
TCP |
vCenter Server |
vCenter Server |
AJP Port |
vCenter Server 5.x |
8080 |
TCP |
Client PC |
vCenter Server |
Web Services HTTP. Used for the VMware VirtualCenter Management Web Services. |
vCenter Server 5.x |
8083 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics |
vCenter Server 5.x |
8085 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics/SDK |
vCenter Server 5.x |
8086 |
TCP |
vCenter Server |
vCenter Server |
Internal Communication Port |
vCenter Server 5.x |
8087 |
TCP |
vCenter Server |
vCenter Server |
Internal Service Diagnostics |
vCenter Server 5.x |
8089 |
TCP |
vCenter Server |
vCenter Server |
SDK Tunneling Port |
vCenter Server 5.x |
8443 |
TCP |
Client PC |
vCenter Server |
Web Services HTTPS. Used for the VMware VirtualCenter Management Web Services. |
vCenter Server 5.x |
8443 |
TCP |
vCenter Server |
vCenter Server |
Linked Mode |
vCenter Server 5.x |
9443 |
TCP |
Client PC |
vCenter Server |
vSphere Web Client Access |
vCenter Server 5.x |
10109 |
TCP |
vCenter Server |
vCenter Server |
vCenter Server Inventory Service Service Management |
vCenter Server 5.x |
10111 |
TCP |
vCenter Server |
vCenter Server |
vCenter Server Inventory Service Linked Mode Communication |
vCenter Server 5.x |
10443 |
TCP |
Client PC |
vCenter Server |
vCenter Server Inventory Service HTTPS |
vCenter Server 5.x |
51915 |
TCP |
ESXi |
vSphere Authentication Proxy |
This is a web service, which is used to add host to Active Directory domain. |
vCenter Server 5.x |
60099 |
TCP |
vCenter Server |
vCenter Server |
Web Service change service notification port |
vCenter Server 5.1 |
7005 |
TCP |
vCenter Server (Tomcat Server settings) |
vCenter Server Single Sign On |
Base shutdown port. For more information, see Configuring VMware Tomcat Server Settings in vCenter Server 5.1. |
vCenter Server 5.1 |
7080 |
TCP |
vCenter Server (Tomcat Server settings) |
vCenter Server Single Sign On |
HTTP Port |
vCenter Server 5.1 |
7444 |
TCP |
vCenter Server (Tomcat Server settings) |
vCenter Server Single Sign On |
HTTPS Port |
vCenter Server 5.1 |
7009 |
TCP |
vCenter Server (Tomcat Server settings) |
Single Sign-On |
AJP Port |
vCenter Server 5.1 |
10111 |
TCP |
vCenter Server Inventory Service |
vCenter Server |
vCenter Server Inventory Service Linked Mode Communication |
vCenter Server 5.1 |
49152 to 65535 |
TCP |
Active Directory |
vCenter Server |
Allow Active Directory authentication/communication between domain controllers and vCenter Server. |
vCenter Server 5.1/5.5 |
8003 |
TCP |
vCenter Server (Tomcat Server settings) |
vCenter ServerManagement Web Services |
vCenter ServerManagement Web Services shutdown |
vCenter Server 6.0 |
80 |
TCP |
Client PC |
vCenter Server |
vCenter Server requires port 80 for direct HTTP connections. |
vCenter Server 6.0 |
88 |
TCP/UDP |
vCenter Server |
ESXi 5.x |
DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol |
vCenter Server 6.0 |
389 |
TCP/UDP |
vCenter Server |
Linked vCenter Servers |
This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, you can run the LDAP service on any port from 1025 through 65535. |
vCenter Server 6.0 |
443 |
TCP |
vSphere Client |
vCenter Server |
vCenter Server system uses to listen for connections from the vSphere Client. |
vCenter Server 6.0 |
514 |
TCP |
vSphere Syslog Collector |
vCenter ServerManagement Web Services |
vCenter ServerManagement Web Services shutdown |
vCenter Server 6.0 |
636 |
TCP |
vCenter Servers |
Linked vCenter Servers |
vCenter Server Linked Mode, this is the SSL port of the local instance. |
vCenter Server 6.0 |
902 |
TCP |
vCenter Server |
ESXi 5.x |
vCenter Server system uses to send data to managed hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts. |
vCenter Server 6.0 |
1514 |
TCP |
vCenter Server |
vCenter ServerSyslog Collector |
vSphere Syslog Collector TLS port for vCenter Server |
vCenter Server 6.0 |
2012 |
TCP |
vCenter Server |
VMware Single Sign-On |
Control interface RPC for vCenter Server Single Sign-On (SSO) |
vCenter Server 6.0 |
2014 |
TCP |
PSC |
VMware Certificate Authority |
RPC port for all VMCA (VMware Certificate Authority) APIs |
vCenter Server 6.0 |
2020 |
TCP |
vCenter Server |
vCenter ServerManagement Web Services |
Authentication framework management |
vCenter Server 6.0 |
6500 |
TCP |
vCenter Server | ESXi 6.0 |
ESXi Dump Collector port |
vCenter Server 6.0 |
6501 |
TCP |
vCenter Server |
ESXi 6.0 |
Auto Deploy service |
vCenter Server 6.0 |
6502 |
TCP |
vCenter Server |
ESXi 6.0 |
Auto Deploy management |
vCenter Server 6.0 |
7444 |
TCP |
vCenter Server |
Single Sign-On |
Secure Token Service |
vCenter Server 6.0 |
8088 |
TCP |
vCenter Server |
vCenter Server |
Workflow Management Service |
vCenter Server 6.0 |
9443 |
TCP | vSphere Web Client |
vCenter Server |
vSphere Web Client HTTPS |
vCenter Server 6.0 |
11711 |
TCP |
vCenter Server |
Active Directory |
VMware Directory service (vmdir) LDAP |
vCenter Server 6.0 |
11712 |
TCP |
vCenter Server |
Active Directory |
VMware Directory service (vmdir) LDAPS |