Public IP list for VMware Update Manager (IP Addresses of hostupdate.vmware.com)
search cancel

Public IP list for VMware Update Manager (IP Addresses of hostupdate.vmware.com)

book

Article ID: 320929

calendar_today

Updated On: 03-04-2025

Products

VMware vSphere ESXi

Issue/Introduction

This article provides information on the fixed IP addresses used to serve VMware Update Manager (VUM). Users can utilize the IP list as the destination of firewall outbound rules for VUM to meet security requirements.

Resolution

VMware Update Manager (VUM) connects to hostupdate.vmware.com to download updates.

Hostupdate.vmware.com is provided through content delivery network (CDN) which significantly improves its download performance. Due to the scale and distributed nature of CDN, in the past it was not possible to host hostupdate.vmware.com on a fixed list of IP addresses.

Some environments’ firewall blocks outbound connections to arbitrary IPs for security concerns. This prevents VUM from connecting to hostupdate.vmware.com. There were walkarounds in the past but often not satisfying.

VMware by Broadcom has announced that hostupdate.vmware.com is now being hosted on a fixed list of public IP addresses on CDN.

Note: hostupdate.vmware.com DNS is getting moved to Broadcom and is moving to Cloudflare; use the below IP address for the change.

IP List

IPv4 IPv6
162.159.140.167 2a06:98c1:58::a5
172.66.0.165 2606:4700:7::a5

Users can use the IP list and TCP port 80, 443 as allowed destination for firewall outbound rules. This allows VUM to connect to hostupdate.vmware.com to download patches.

If the environment has firewall configured and configured with the Legacy IPs, the environment may run into an error as mentioned in the article: Error: "A depot is inaccessible or has invalid contents" when attempting to sync or download updates in Lifecycle Manager

Powered by Wolken Software