111/TCP&UDP/NFS Client - RPC Portmapper

2049/TCP&UDP/NFS Server/NFS Client

123/UDP/NTP client
4
4
3
/T
C
P
/H
o
s
t M
a
n
a
g
e
m
e
n
t
9
0
2
/T
C
P
/H
o
s
te
d
V
M
c
o
n
n
e
c
tiv
ity
9
0
3
/T
C
P
/V
M
R
e
m
o
te
V
M
C
o
n
s
o
le
53/UDP/DNS
3
2
6
0
/T
C
P
/S
o
ftw
a
re
iS
C
S
I C
lie
n
t &
H
a
rd
w
a
re
iS
C
S
I H
B
A
ESX only
514/UDP/Remote Syslog logging
2
1
/T
C
P
/F
T
P
2
1
/T
C
P
/F
T
P
2
2
/T
C
P
/S
S
H

2
2
/T
C
P
/S
S
H

389/TCP/LDAP

4
4
5
+
1
3
7
-1
3
9
/T
C
P
/S
M
B
4
4
3
/T
C
P
/H
o
s
t V
I M
a
n
a
g
e
m
e
n
t v
ia
b
ro
w
s
e
r
427/TCP&UDP/CIM Service Location Protocol (SLP)
443/TCP/Server-to-server migration & provisioning trafc
902/TCP&UDP/Authentication, Provisioning, VM Migration
5988/TCP/CIM Client to CIM Secure Server
5989/TCP/CIM Client to CIM Secure Server
8000/TCP/VCOtion Communication of VMkernel Interface
8100+8200/TCP&UDP/VMware FT. ESX/ESXi 4 Hosts only
2050-2250/UDP/VMware HA
8042-8045/TCP/VMware HA
ESXi 4
Only
161/U
D
P/SN
M
P Polling
VMware vCenter
Server


80+443/TCP/Meta data for updates
80+443/TCP/Host to Update Server.
forwards to 9084
9000-9100/TCP/Use if 80+443 are not
available. Automatically opened for host
scanning and remediation
80/TCP/VUM
-VC com
m
unication
443/TCP/The reverse proxy
forwards the request to port 8084
Update Manager
Patch DB
1521/TCP/Oracle
-OR-
1433/TCP/MS SQL
VC DB
1521/TCP/O
racle
-O
R-
1433/TCP/M
S SQ
L
In
te
rn
a
l
8084/TCP/SOAP
9084/TCP/VUM Web Server. Accessed through Reverse Proxy from port 80 and/or 443
vCenter 4
Only
53/UDP/DNS
8
8
+
4
4
5
/T
C
P
&
U
D
P
/A
D
A
u
th
e
n
tic
a
tio
n
161/UDP/SNMP Polling
162/UDP/SNMP Trap Send
389/TCP/LDAP
443/TCP/vCenter Agent
902/TCP/Heartbeat
903/TCP/VI-vSphere Client to VM Console
5989/TCP/CIM transaction communication
Dudley Smith
Fri Jan 15 2010
v5.0
443/TC
P/R
equired for VC
B and vcbM
ounter
C
om
m
unication & Backup
443/TCP/Required for VCB and vcbMounter
Communication & Backup
Converter 4
Only
137+138(UDP)+139(TCP)/For hot migration.
Not required if the source does not use NetBIOS
445/TCP/Required for conversion.
Not required if the source uses NetBIOS
22/TCP/Only for Linux-based Source Computer
443/TC
P/System
C
onversion
4
4
3
/T
C
P
/R
e
q
u
ire
d
if v
C
e
n
te
r S
e
rv
e
r
is
th
e
c
o
n
v
e
rs
io
n
ta
rg
e
t
4
4
3
/T
C
P
/R
e
q
u
ire
d
if v
C
e
n
te
r S
e
rv
e
r
is
th
e
c
o
n
v
e
rs
io
n
ta
rg
e
t
902/TCP/Required for data transport during cloning
of system to be converted to target ESX/ESXi Host
443/TCP/Required for destination VM access when
target is ESX/ESXi/vCenter
9089/TCP/Required.
Remote Agent Deployment
443/TCP/Required if Converter
Client & Converter Server were
installed on different systems
vCenter Converter Client
(ionly required if Converter
Client and Converter Server
were installed on different
systems
443/TCP
SRM DB
1521/TCP/Oracle
-OR-
1433/TCP/MS SQL
-OR-
5000/TCP/IBM DB2
REMOTE
VMware vCenter
Server
(SRM)
Site
Recovery
Manager
8
0
/T
C
P
/S
R
M
C
o
m
m
u
n
ic
a
tio
n
&
P
lu
g
in
d
o
w
n
lo
a
d
80/TCP/SRM communication with remote vCenter
Server(Port 80 is used for the initial connection to
the remote site. After the initial HTTP connection is
made, the two sites establish an SSL connection
over port 80 for subsequent connections.)
www.vmware.com
xml.shavlik.com
8
8
/T
C
P
/P
A
M
A
D
A
u
th
e
n
tica
tio
n
- K
e
rb
e
ro
s
4
4
5
/T
C
P
&
U
D
P
/P
M
A
D
A
u
th
e
n
tica
tio
n
4
6
4
/T
C
P
/P
A
M
A
D
A
u
th
e
n
tica
tio
n
- K
e
rb
e
ro
s P
a
ssw
o
rd
S
e
rvice
s
Linked
vCenter
Server
Linked
vCenter
Server
Linked
vCenter
Server
9
0
3
/T
C
P
/V
I-v
S
p
h
e
re
C
lie
n
t to
V
M
C
o
n
s
o
le
8
0
8
0
/T
C
P
/M
a
n
a
a
g
e
m
e
n
t W
e
b
S
e
rv
ic
e
s
H
T
T
P
8
4
4
3
/T
C
P
/M
a
n
a
g
e
m
e
n
t W
e
b
S
e
rv
ic
e
s
H
T
T
P
S
8005&8006&8086/TCP/
Internal Communications Port
8083 & 8085 & 8087/TCP/
Internal Service Diagnostics
443/TCP/vCenter API (Orch.)
8281/TCP/vCenter AP (Orch.)
In
te
rn
a
l
27000/T
C
P
/for V
I3.x hosts
27010/T
C
P
/for V
I 3.x hosts
27000/TC
P
/for V
I3.x hosts
27010/TC
P
/for V
I 3.x hosts
3.x
Only
VCO DB
1521/TCP/Oracle
1433/TCP/MS SQL
3306/TCP/MySQL
5432/TCP/PostgresSQL
8230/TCP/Lookup
8240/TCP/Command
8250/TCP/Messaging
8282/TCP/HTTP
8283/TCP/HTTPS
Orchestrator
VCO
Client
161/U
D
P/SN
M
P Polling 162/U
D
P/SN
M
P Trap Send
FTP
Client
SSH
Client
FTP
Server
SSH
Server
SMB
Server
iSCSI
SAN
NFS
Server

Syslog
Server

NTP
Server

SNMP
Server
Helper
22/TCP
443/TCP/Required for
Linux sources
Active Directory Server

VCB Proxy
DNS Server
FlexLM
License Server
SNMP Server
SMTP Server
902/TCP/Pushes
updates to the host
(both ESX & ESXi)
Internal
8
0
/T
C
P
/R
e
d
ire
c
t b
ro
w
s
e
r to
H
T
T
P
S
(4
4
3
)
25/TCP/Email notications
389/TCP/LDAP (Optional)
636/TCP/LDAPS (Optional)
8280/TCP/HTTP
In
te
rn
a
l
LDAP Server
4
4
3
/T
C
P
/V
I/v
S
p
h
e
re
c
lie
n
t a
c
c
e
s
s
8
0
+
4
4
3
/T
C
P
/R
e
d
ire
c
t b
ro
w
s
e
r to
H
T
T
P
S
s
e
rv
ic
e
(4
4
3
)
Connections & Ports in ESX & ESXi
Including vCenter Server, Site Recovery Manager, VMware Consolidated Backup, VMware Data Recovery, VMware Update Manager, VMware Orchestrator and VMware Converter
ESX & ESXi ESX & ESXi
VM
VM
Third-party
SystemImages
VMware Virtual
Machines
Physical
Machine
Third-party
Virtual
Machines
.sv2i
Source
vCenter
Converter
80+443/TCP/Meta data for updates
Source: VMware Network Ports Compendium -v5
External
API Client
9007/TCP/SOAP
Data
Recovery
Appliance
22024/TC
P
/D
ata R
ecovery
M
anagem
ent

Guided
Consolidation
Targets
1
3
5
&
1
3
7
&
1
3
8
&
1
3
9
&
4
4
5
/T
C
P
&
U
D
P
/
25/TCP/Email notications
389/TCP/Bi-direction
LDAP authentication with
Kerberos encryption
between vCenter Servers
Bi-directional RPC communications on
dynamic TCP ports required between
all vCenters in Linked Mode (via ADAM)
RPC RPC
902/UDP/Heartbeat