What does the VCSA use the following ports for?

• TCP - 4000, 4001, 4002, 4003, 4005, 5432, 5580, 5581, 6832, and 10118.

The listed ports are internal to vSphere and should route through the reverse proxy if necessary. This is likely why they are not listed in the VMware Ports and Protocols tool and other articles related to required network ports. These ports should not be seen sent over your network external to vSphere.

Note: Services need to map to ports so they can communicate internally on the machine (VCSA). This is expected behavior.

• Details of each port:

  • 4000 - vmware-trustma

  • 4001 - lookupsvc.laun

  • 4002 - vmware-certifi

  • 4003 - vmware-hvc.lau

  • 4005 - vmware-topolog

  • 5432 - envoy-sidecar

  • 5580 - envoy

  • 5581 - python3

  • 6832 - vdtc

  • 10118 - java