Как и какие порты использует VMware, Converter, AppSpeed, Consolidated Backup, Data Recovery, ESX, Heartbeat, Guided Consolidation, Lab Manager, Orchestrator

Какие порты использует VMware

Как и какие порты использует VMware, Converter, AppSpeed, Consolidated Backup, Data Recovery, ESX, Heartbeat, Guided Consolidation, Lab Manager, Orchestrator.

AppSpeed

Product PortProtocolSourceTargetPurpose
AppSpeed 80TCPAppSpeed ServervCenter Server 4vCenter proxy interface. Used only during setup to verify the proxy is setup correctly. Port 80 is the default Web Service Port, but a different TCP port can be configured in vCenter Server 4.
AppSpeed 443TCPAppSpeed ServervCenter Server 4Default port for communications. A different TCP port can be configured in vCenter Server 4.
AppSpeed 22TCPAppSpeed ServerAppSpeed ProbeConnections to the probes to access the probes outside of the VPN.
AppSpeed 123TCPAppSpeed ServerAppSpeed ProbeNTP services
AppSpeed 1194TCP/UDPAppSpeed ServerAppSpeed ProbeCommunications over OpenVPN

Consolidated Backup

Product PortProtocolSourceTargetPurpose
Consolidated Backup 443TCPVCB Proxy ServervCenter ServerRequired for VCB and vcbMounter communication and backup processes
Consolidated Backup 443TCPVCB Proxy ServerESX/ESXi HostRequired for VCB and vcbMounter communication and backup processes

Converter

Product PortProtocolSourceTargetPurpose
Converter 3.x 137UDPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x 138UDPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x 139TCPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x 443TCPSource Computer to be convertedESX/ESXi HostRequired for destination VM access when target is ESX/ESXi/vCenter
Converter 3.x 443TCPSource Computer to be convertedvCenter ServerRequired if vCenter Server is the conversion target
Converter 3.x 443TCPvCenter Converter ServervCenter ServerRequired if vCenter Server is the conversion target
Converter 3.x 443TCPvCenter Converter ServerESX/ESXi HostRequired for system conversion
Converter 3.x 445TCPvCenter Converter ServerSource Computer to be convertedRequired for system conversion. Not required if the source computer uses NetBIOS
Converter 3.x 902TCPSource Computer to be convertedESX/ESXi HostRequired for data transport during cloning of system to be converted to target ESX/ESXi Host
Converter 4.x 22TCPHelper Virtual MachineSource Computer to be convertedRequired for conversion of Linux-based source computers (data flows from source to VM)
Converter 4.x 22TCPvCenter Converter ServerSource Computer to be convertedRequired for conversion of Linux-based source computers
Converter 4.x 137UDPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x 138UDPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x 139TCPvCenter Converter ServerSource Computer to be convertedFor hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x 443TCPvCenter Converter ClientvCenter Converter ServerOnly required if the Converter Client and Converter Server were installed on different systems
Converter 4.x 443TCPSource Computer to be convertedESX/ESXi HostRequired for destination VM access when target is ESX/ESXi/vCenter
Converter 4.x 443TCPSource Computer to be convertedvCenter ServerRequired if vCenter Server is the conversion target
Converter 4.x 443TCPvCenter Converter ServervCenter ServerRequired if vCenter Server is the conversion target
Converter 4.x 443TCPvCenter Converter ServerESX/ESXi HostRequired for system conversion
Converter 4.x 443TCPvCenter Converter ServerHelper Virtual MachineRequired for conversion of Linux-based source computers
Converter 4.x 445TCPvCenter Converter ServerSource Computer to be convertedRequired for system conversion. Not required if the source computer uses NetBIOS
Converter 4.x 902TCPSource Computer to be convertedESX/ESXi HostRequired for data transport during cloning of system to be converted to target ESX/ESXi Host
Converter 4.x 9089, 9090TCPvCenter Converter ServerSource Computer to be convertedRequired for system conversion. Remote agent deployment
Data Recovery
Product PortProtocolSourceTargetPurpose
Data Recovery 443TCPData Recovery AppliancevCenter ServerVDR to vCenter Server communications
Data Recovery 902TCPData Recovery ApplianceESX HostVDR to ESX communications
Data Recovery 22024TCPData Recovery vSphere Client Plug-inData Recovery ApplianceData Recovery management
ESX
Product PortProtocolSourceTargetPurpose
ESX 3.x 21TCPFTP ClientESX HostFTP
ESX 3.x 21TCPESX HostFTP ServerFTP
ESX 3.x 22TCPSSH ClientESX HostSSH
ESX 3.x 22TCPESX HostSSH ServerSSH
ESX 3.x 53UDPESX/ESXi HostDNS ServerDNS
ESX 3.x 80TCPClient PCESX/ESXi HostRedirect Web Browser to HTTPS Service (443)
ESX 3.x 88TCPESX HostActive Directory ServerPAM Active Directory Authentication - Kerberos
ESX 3.x 111UDPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESX 3.x 111TCPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESX 3.x 123UDPESX/ESXi HostNTP Time ServerNTP Client
ESX 3.x 137 - 139TCPESX HostSMB ServerSMB
ESX 3.x 161UDPSNMP ServerESX HostSNMP Polling
ESX 3.x 162UDPESX HostSNMP CollectorSNMP Trap Send
ESX 3.x 389TCPESX HostLDAP ServerPAM Active Directory Authentication – LDAP
ESX 3.x 427UDPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESX 3.x 427TCPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESX 3.x 443TCPClient PCESX HostHost VI Management via web browser
ESX 3.x 443TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi Host management connection
ESX 3.x 443TCPESX/ESXi HostESX/ESXi HostHost to host VM migration and provisioning
ESX 3.x 445TCPESX HostSMB ServerSMB
ESX 3.x 445TCPESX HostMS Directory Services ServerPAM Active Directory Authentication
ESX 3.x 445UDPESX HostMS Directory Services ServerPAM Active Directory Authentication
ESX 3.x 464TCPESX HostActive Directory ServerPAM Active Directory Authentication – Kerberos Password Services
ESX 3.x 514UDPESX/ESXi HostSyslog ServerRemote syslog logging
ESX 3.x 902TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi hosted VM connectivity
ESX 3.x 902TCP/UDPESX/ESXi HostESX/ESXi HostAuthentication, Provisioning, VM Migration
ESX 3.x 902TCP/UDPESX/ESXi HostvCenter 4 ServerHeartbeat
ESX 3.x 903TCPVI/vSphere ClientESX/ESXi HostVM Remote VM Console
ESX 3.x 2049UDPESX/ESXi HostNFS ServerNFS Client
ESX 3.x 2049TCPESX/ESXi HostNFS ServerNFS Client
ESX 3.x 2050 - 2250UDPESX/ESXi HostESX/ESXi HostVMware HA
ESX 3.x 3260TCPESX/ESXi HostiSCSI SANSoftware iSCSI Client and Hardware iSCSI HBA
ESX 3.x 5988TCPESX/ESXi HostESX/ESXi HostCIM Client to CIM Secure Server
ESX 3.x 5989TCPESX/ESXi HostVirtualCenter/vCenterCIM Secure Server to CIM Client
ESX 3.x 5989TCPVirtualCenter/vCenterESX/ESXi HostCIM Client to CIM Secure Server
ESX 3.x 8000TCPESX/ESXi Host (VM Target)ESX/ESXi Host (VM Source)VMotion Communication on VMKernel Interface
ESX 3.x 8000TCPESX/ESXi Host (VM Source)ESX/ESXi Host (VM Target)VMotion Communication on VMKernel Interface
ESX 3.x 8042 -8045TCPESX/ESXi HostESX/ESXi HostVMware HA
ESX 3.x 27000TCPESX/ESXi HostVMware License ServerESX/ESXi 3.x Host to License Server communication
ESX 3.x 27010TCPESX/ESXi HostVMware License ServerESX/ESXi 3.x Host to License Server communication
ESX 4.x 21TCPFTP ClientESX HostFTP
ESX 4.x 21TCPESX HostFTP ServerFTP
ESX 4.x 22TCPESX HostSSH ServerSSH
ESX 4.x 22TCPSSH ClientESX HostSSH
ESX 4.x 53UDPESX/ESXi HostDNS ServerDNS
ESX 4.x 80TCPClient PCESX/ESXi HostRedirect Web Browser to HTTPS Service (443)
ESX 4.x 88TCPESX HostActive Directory ServerPAM Active Directory Authentication - Kerberos
ESX 4.x 111UDPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESX 4.x 111TCPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESX 4.x 123UDPESX/ESXi HostNTP Time ServerNTP Client
ESX 4.x 137 - 139TCPESX HostSMB ServerSMB
ESX 4.x 161UDPSNMP ServerESX HostSNMP Polling
ESX 4.x 162UDPESX HostSNMP CollectorSNMP Trap Send
ESX 4.x 389TCPESX HostLDAP ServerPAM Active Directory Authentication – LDAP
ESX 4.x 427UDPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESX 4.x 427TCPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESX 4.x 443TCPESX/ESXi HostESX/ESXi HostHost to host VM migration and provisioning
ESX 4.x 443TCPClient PCESX HostHost VI Management via web browser
ESX 4.x 443TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi Host management connection
ESX 4.x 445UDPESX HostMS Directory Services ServerPAM Active Directory Authentication
ESX 4.x 445TCPESX HostSMB ServerSMB
ESX 4.x 445TCPESX HostMS Directory Services ServerPAM Active Directory Authentication
ESX 4.x 464TCPESX HostActive Directory ServerPAM Active Directory Authentication – Kerberos Password Services
ESX 4.x 514UDPESX/ESXi HostSyslog ServerRemote syslog logging
ESX 4.x 902TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi hosted VM connectivity
ESX 4.x 902TCP/UDPESX/ESXi HostESX/ESXi HostAuthentication, Provisioning, VM Migration
ESX 4.x 902TCP/UDPESX/ESXi HostvCenter 4 ServerHeartbeat
ESX 4.x 903TCPVI/vSphere ClientESX/ESXi HostVM Remote VM Console
ESX 4.x 2049UDPESX/ESXi HostNFS ServerNFS Client
ESX 4.x 2049TCPESX/ESXi HostNFS ServerNFS Client
ESX 4.x 2050 - 2250UDPESX/ESXi HostESX/ESXi HostVMware HA
ESX 4.x 3260TCPESX/ESXi HostiSCSI SANSoftware iSCSI Client and Hardware iSCSI HBA
ESX 4.x 5900 - 5964  TCPESX/ESXi HostESX/ESXi Host RFB Protocol used by management tools such as VNC
ESX 4.x 5988TCPESX/ESXi HostESX/ESXi HostCIM Client to CIM Secure Server
ESX 4.x 5989TCPVirtualCenter/vCenterESX/ESXi HostCIM Client to CIM Secure Server
ESX 4.x 5989TCPESX/ESXi HostVirtualCenter/vCenterCIM Secure Server to CIM Client
ESX 4.x 8000TCPESX/ESXi Host (VM Target)ESX/ESXi Host (VM Source)VMotion Communication on VMKernel Interface
ESX 4.x 8000TCPESX/ESXi Host (VM Source)ESX/ESXi Host (VM Target)VMotion Communication on VMKernel Interface
ESX 4.x 8042 -  8045TCPESX/ESXi HostESX/ESXi HostVMware HA
ESX 4.x 47UDPESX/ESXi HostPhysical SwitchesvDS (Virtual Distributed Switch) Broadcast
ESX 4.x 8100TCP/UDPESX/ESXi 4 HostESX/ESXi 4.x HostVMware Fault Tolerance. ESX/ESXi 4 only.
ESX 4.x 8200TCP/UDPESX/ESXi 4 HostESX/ESXi 4.x HostVMware Fault Tolerance. ESX/ESXi 4 only.
ESXi 3.x 53UDPESX/ESXi HostDNS ServerDNS
ESXi 3.x 80TCPClient PCESX/ESXi HostRedirect Web Browser to HTTPS Service (443)
ESXi 3.x 111TCPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESXi 3.x 111UDPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESXi 3.x 123UDPESX/ESXi HostNTP Time ServerNTP Client
ESXi 3.x 162UDPESX HostSNMP CollectorSNMP Trap Send
ESXi 3.x 427UDPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESXi 3.x 427TCPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESXi 3.x 443TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi Host management connection
ESXi 3.x 443TCPESX/ESXi HostESX/ESXi HostHost to host VM migration and provisioning
ESXi 3.x 514UDPESX/ESXi HostSyslog ServerRemote syslog logging
ESXi 3.x 902TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi hosted VM connectivity
ESXi 3.x 902TCP/UDPESX/ESXi HostESX/ESXi HostAuthentication, Provisioning, VM Migration
ESXi 3.x 902TCP/UDPESX/ESXi HostvCenter 4 ServerHeartbeat
ESXi 3.x 903TCPVI/vSphere ClientESX/ESXi HostVM Remote VM Console
ESXi 3.x 2049TCPESX/ESXi HostNFS ServerNFS Client
ESXi 3.x 2049UDPESX/ESXi HostNFS ServerNFS Client
ESXi 3.x 2050 - 2250UDPESX/ESXi HostESX/ESXi HostVMware HA
ESXi 3.x 3260TCPESX/ESXi HostiSCSI SANSoftware iSCSI Client and Hardware iSCSI HBA
ESXi 3.x 5988TCPESX/ESXi HostESX/ESXi HostCIM Client to CIM Secure Server
ESXi 3.x 5989TCPVirtualCenter/vCenterESX/ESXi HostCIM Client to CIM Secure Server
ESXi 3.x 5989TCPESX/ESXi HostVirtualCenter/vCenterCIM Secure Server to CIM Client
ESXi 3.x 8000TCPESX/ESXi Host (VM Target)ESX/ESXi Host (VM Source)VMotion Communication on VMKernel Interface
ESXi 3.x 8000TCPESX/ESXi Host (VM Source)ESX/ESXi Host (VM Target)VMotion Communication on VMKernel Interface
ESXi 3.x 8042 - 8045TCPESX/ESXi HostESX/ESXi HostVMware HA
ESXi 3.x 27000TCPESX/ESXi HostVMware License ServerESX/ESXi 3.x Host to License Server communication
ESXi 3.x 27010TCPESX/ESXi HostVMware License ServerESX/ESXi 3.x Host to License Server communication
ESXi 4.x 53UDPESX/ESXi HostDNS ServerDNS
ESXi 4.x 80TCPClient PCESX/ESXi HostRedirect Web Browser to HTTPS Service (443)
ESXi 4.x 111TCPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESXi 4.x 111UDPESX/ESXi HostNFS ServerNFS Client – RPC Portmapper
ESXi 4.x 123UDPESX/ESXi HostNTP Time ServerNTP Client
ESXi 4.x 161UDPSNMP ServerESXi 4.x HostSNMP Polling. Not used in ESXi 3.x
ESXi 4.x 162UDPESX HostSNMP CollectorSNMP Trap Send
ESXi 4.x 427UDPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESXi 4.x 427TCPESX/ESXi HostESX/ESXi HostCIM Service Location Protocol (SLP)
ESXi 4.x 443TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi Host management connection
ESXi 4.x 443TCPESX/ESXi HostESX/ESXi HostHost to host VM migration and provisioning
ESXi 4.x 514UDPESX/ESXi HostSyslog ServerRemote syslog logging
ESXi 4.x 902TCPVI/vSphere ClientESX/ESXi HostVI/vSphere Client to ESX/ESXi hosted VM connectivity
ESXi 4.x 902TCP/UDPESX/ESXi HostESX/ESXi HostAuthentication, Provisioning, VM Migration
ESXi 4.x 902TCP/UDPESX/ESXi HostvCenter 4 ServerHeartbeat
ESXi 4.x 903TCPVI/vSphere ClientESX/ESXi HostVM Remote VM Console
ESXi 4.x 2049TCPESX/ESXi HostNFS ServerNFS Client
ESXi 4.x 2049UDPESX/ESXi HostNFS ServerNFS Client
ESXi 4.x 2050 - 2250UDPESX/ESXi HostESX/ESXi HostVMware HA
ESXi 4.x 3260TCPESX/ESXi HostiSCSI SANSoftware iSCSI Client and Hardware iSCSI HBA
ESXi 4.x 5900 - 5964 TCPESX/ESXi HostESX/ESXi Host RFB Protocol used by management tools such as VNC
ESXi 4.x 5988TCPESX/ESXi HostESX/ESXi HostCIM Client to CIM Secure Server
ESXi 4.x 5989TCPVirtualCenter/vCenterESX/ESXi HostCIM Client to CIM Secure Server
ESXi 4.x 5989TCPESX/ESXi HostVirtualCenter/vCenterCIM Secure Server to CIM Client
ESXi 4.x 8000TCPESX/ESXi Host (VM Target)ESX/ESXi Host (VM Source)VMotion Communication on VMkernel Interface
ESXi 4.x 8000TCPESX/ESXi Host (VM Source)ESX/ESXi Host (VM Target)VMotion Communication on VMkernel Interface
ESXi 4.x 47UDPESX/ESXi HostPhysical SwitchesvDS (Virtual Distributed Switch) Broadcast
ESXi 4.x 8042 - 8045TCPESX/ESXi HostESX/ESXi HostVMware HA
ESXi 4.x 8100TCP/UDPESX/ESXi 4 HostESX/ESXi 4.x HostVMware Fault Tolerance. ESX/ESXi 4 only.
ESXi 4.x 8200TCP/UDPESX/ESXi 4 HostESX/ESXi 4.x HostVMware Fault Tolerance. ESX/ESXi 4 only.
Heartbeat
Product PortProtocolSourceTargetPurpose
Heartbeat 52267TCPvCenter Server Heartbeat ConsolevCenter Server Heartbeat ServerClient Connection Port
Heartbeat 57348TCPvCenter Server Primary ServervCenter Server Secondary ServerDefault Channel Port to communicate between Primary and Secondary server
Guided Consolidation
Product PortProtocolSourceTargetPurpose
Guided Consolidation 135TCP/UDPConsolidation Target (Physical Server)vCenter Converter ServerMicrosoft DCE Locator Service, also known at End-Point Mapper
Guided Consolidation 137TCP/UDPConsolidation Target (Physical Server)vCenter Converter ServerNetBIOS names service. Firewall administrators frequently see largernumbers of incoming packets to port 137. This is because of Windows servers that use NetBIOS (as well as DNS) to resolve IP addresses to names using the gethostbyaddr() function. As users behind the firewalls visit Windows-based Web sites, those servers frequently respond with NetBIOS lookups.
Guided Consolidation 138TCP/UDPConsolidation Target (Physical Server)vCenter Converter ServerNetBIOS datagram Used by Windows, as well as UNIX services (such as SAMBA). Port 138 is used primarily by the SMB browser service that obtains Network Neighborhood information.
Guided Consolidation 139TCP/UDPConsolidation Target (Physical Server)vCenter Converter ServerNetBIOS Session Windows File and Printer sharing.
Guided Consolidation 445TCP/UDPConsolidation Target (Physical Server)vCenter Converter ServerDNS Direct Hosting port. In Windows 2000 and Windows XP, redirector and server components now support direct hosting for communicating with other computers running Windows 2000 or Windows XP. Direct hosting does not use NetBIOS for name resolution. DNS is used for name resolution, and the Microsoft networking communication is sent directly over TCP without a NetBIOS header. Direct hosting over TCP/IP uses TCP and UDP port 445 instead of the NetBIOS session TCP port 139.
Lab Manager
Product PortProtocolSourceTargetPurpose
Lab Manager 137UDPESX/ESXi HostSMB File ServerSMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager 138UDPESX/ESXi HostSMB File ServerSMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager 139TCPESX/ESXi HostSMB File ServerSMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager 389TCPLab Manager ServerLDAP ServerLDAP Authentication (optional)
Lab Manager 443TCPClient PCLab Manager ServerLab Manager Console (Web Browser)
Lab Manager 443TCPLab Manager ServervCenter ServerLab Manager to vCenter Server Communication
Lab Manager 445TCPESX/ESXi HostSMB File ServerSMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager 514TCPLab Manager ServerVirtual RouterUpdate IP tables and routing on the vRouter
Lab Manager 636TCPLab Manager ServerLDAP ServerLDAPS Authentication (optional)
Lab Manager 1433TCPLab Manager ServerMicrosoft SQL ServerLab Manager Connectivity to Microsoft SQL Server (for LM database)
Lab Manager 5212TCPLab Manager ServerESX/ESXi HostLab Manager Agent. ESXi requires Lab Manager 4.x
Orchestrator
Product PortProtocolSourceTargetPurpose
Orchestrator 25TCPVCO ServerSMTP ServerEmail notifications
Orchestrator 389TCPVCO ServerLDAP ServerLDAP Authentication
Orchestrator 443TCPVCO ServervCenter ServerUsed to obtain virtual infrastructure and virtual machine information from orcestrated vCenter Server(s) through the vCenter API
Orchestrator 636TCPVCO ServerLDAP ServerVCO uses LDAP authentication and group membership to determine role authorization in LCM and access to VMs/requests. This is the SSL secured LDAP protocol ldaps (the SSL pendent of 389). This is used for secured LDAP authentication
Orchestrator 1433TCPVCO ServerMicrosoft SQL ServervCenter Orchestrator Server to Microsoft SQL Server for VCO Database
Orchestrator 1521TCPVCO ServerOracle Database ServervCenter Orchestrator Server to Oracle for VCO Database
Orchestrator 3306TCPVCO ServerMySQL ServervCenter Orchestrator Server to MySQL Server for VCO Database
Orchestrator 5432TCPVCO ServerPostgresSQL ServervCenter Orchestrator Server to PortgresSQL Server for VCO Database
Orchestrator 8230TCPVCO ClientVCO ServerLookup port – The main port to communicate with Orchestrator Configurator server (JNDI port). All other ports communicate with the Orchestrator Configurator smart client through this one. It is part of the JBoss Application server infrastructure
Orchestrator 8240TCPVCO ClientVCO ServerCommand port – The application communication port (RMI container port), it is used for remote invocations. It is part of the JBoss Application server infrastructure.
Orchestrator 8244TCPVCO ClientVCO Server Data port used to access all Orchestrator data models,such as workflows and policies. It is part of the JBossapplication server infrastructure.
Orchestrator 8250TCPVCO ClientVCO ServerMessaging port – The Java messaging port used to dispatch events. It is part of the JBoss Application server infrastructure
Orchestrator 8280TCPVCO ServerVCO ServerPort used by VCO Server to connect to the Web front-end via HTTP
Orchestrator 8281TCPVCO ServerVCO ServerPort used by VCO Server to connect to the Web front-end via HTTPS
Orchestrator 8281TCPvCenter ServerVCO ServerPort used by VCO Server to connect to vCenter Server to communicate with the vCenter API
Orchestrator 8282TCPVCO Client PCVCO ServerHTTP server port – The port for the HTTP connector used to connect to the Web frontend.
Orchestrator 8283TCPVCO Client PCVCO ServerHTTPS server port – The port for the SSL HTTP connector used to connect to the Web frontend. Requires Jetty to be configured for SSL.
Site Recovery Manager
Product PortProtocolSourceTargetPurpose
Site Recovery Manager 80 80Site Recovery ManagerRemote vCenter ServerSRM communication. SRM Server at Site A to vCenter Server at Site B (failover) over HTTP and SSL tunnel
Site Recovery 80 80 Site Recovery Remote vCenter SRM communication with local
Manager    Manager Server vCenter server (inventory) & vSphere Client Plug-in download
Site Recovery Manager 443TCPSite Recovery ManagerRemote vCenter ServerSRM communication with remote vCenter Server via HTTP over SSL tunnel
Site Recovery Manager 1433TCPSite Recovery ManagerMicrosoft SQL ServerSRM Connectivity to Microsoft SQL Server (for SRM database)
Site Recovery Manager 1521TCPSite Recovery ManagerOracle Database ServerSRM Connectivity to Oracle (for SRM database)
Site Recovery 1526TCPSite Recovery Manager Oracle Database SRM Connectivity to Oracle (for
Manager     Server SRM database)
Site Recovery Manager 5000TCPSite Recovery ManagerIBM DB2 Database ServerSRM Connectivity to IBM DB/2 (for SRM database)
Site Recovery Manager 8095TCPSite Recovery ManagervCenter serverSRM server and vCenter server (intrasite only).
Site Recovery Manager 8096TCPSite Recovery ManagervCenter servervCenter server (for plug-in download).
Site Recovery Manager 9007TCPSite Recovery ManagerExternal SRM API ClientSRM communication via WSDL
Site Recovery Manager 9008TCPSite Recovery ManagerExternal SRM API ClientSRM communication via HTTP
Stage Manager
Product PortProtocolSourceTargetPurpose
Stage Manager 137UDPESX HostSMB File ServerSMB File Sharing for Importing/Exporting VMs
Stage Manager 138UDPESX HostSMB File ServerSMB File Sharing for Importing/Exporting VMs
Stage Manager 139TCPESX HostSMB File ServerSMB File Sharing for Importing/Exporting VMs
Stage Manager 389TCPStage Manager ServerLDAP ServerLDAP Authentication (optional)
Stage Manager 443TCPClient PCStage Manager ServerStage Manager Console (Web Browser)
Stage Manager 443TCPStage Manager ServerESX HostStage Manager Server communication with ESX Host Agent
Stage Manager 443TCPStage Manager ServervCenter ServerStage Manager Server communucation with vCenter Server
Stage Manager 445TCPESX HostSMB File ServerSMB File Sharing for Importing/Exporting VMs
Stage Manager 514TCPStage Manager ServerESX HostESX Host Virtual Router
Stage Manager 636TCPStage Manager ServerLDAP ServerLDAPS Authentication (optional)
Stage Manager 5212TCPStage Manager ServerESX HostStage Manager Agent
Update Manager
Product PortProtocolSourceTargetPurpose
Update Manager 80TCPUpdate Manager Serverwww.vmware.com and To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com
Update Manager 80TCPESX/ESXi HostUpdate Manager HostESX/ESXi Host to Update Manager Server . The reverse proxy forwards the required to port 9084
Update Manager 80TCPUpdate Manager ServervCenter ServerUpdate Manager to vCenter Server communication
Update Manager 443TCPUpdate Manager Serverwww.vmware.com and To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com
Update Manager 443TCPESX/ESXi HostUpdate Manager ServerESX/ESXi Host to Update Manager Server . The reverse proxy forwards the required to port 9084
Update Manager 443TCPvCenter ServerUpdate Manager ServervCenter Server to Update Manager Server. The reverse proxy forwards the request to port 8084
Update Manager 902TCPUpdate Manager ServerESX/ESXi HostTo push patches and updates from Update Manager to the ESX/ESXi Hosts to be updated
Update Manager 1433TCPUpdate Manager ServerMicrosoft SQL ServerUpdate Manager to Microsoft SQL Server connectivity (for UM Database)
Update Manager 1521TCPUpdate Manager ServerOracle Database ServerUpdate Manager to Oracle connectivity (for UM Database)
Update Manager 8084TCPUpdate Manager ServervCenter ServerSOAP between components of Update Manager Server and the vCenter Update Manager client plug-in. Configurable at install.
Update Manager 9084TCPESX/ESXi hostUpdate Manager ServerESX/ESXi hosts connect to the VUM webserver listening for updates. Configurable at install.
Update Manager 9087TCPUpdate Manager ServervCenter ServerPort used for uploading host update files. Configurable at install.
Update Manager 9000 -  9100TCPESX/ESXi HostUpdate Manager ServerThis is the recommend port range from which to choose ports for Update Manager if ports 80 and 443 are already in use. Update Manager automatically opens these ports for ESX Host scanning and remediation.
vCenter
Product PortProtocolSourceTargetPurpose
vCenter 2.5.x 25TCPvCenter ServerSMTP ServerEmail notifications
vCenter 2.5.x 53UDPvCenter ServerDNS ServerDNS lookups
vCenter 2.5.x 80TCPClient PCvCenter ServerRedirect Web Browser to HTTPS Service (443)
vCenter 2.5.x 88TCPvCenter ServerActive Directory ServerAD Authentication
vCenter 2.5.x 88UDPvCenter ServerActive Directory ServerAD Authentication
vCenter 2.5.x 161UDPSNMP ServervCenter ServerSNMP Polling
vCenter 2.5.x 162UDPvCenter ServerSNMP ServerSNMP Trap Send
vCenter 2.5.x 389TCPvCenter ServerLDAP ServerLDAP Authentication
vCenter 2.5.x 443TCPvCenter ServerESX/ESXi HostvCenter Agent
vCenter 2.5.x 443TCPClient PCvCenter ServerVI Web Access (Web Browser)
vCenter 2.5.x 443TCPVI/vSphere ClientvCenter ServerVI/vSphere Client access to vCenter Server
vCenter 2.5.x 445TCPvCenter ServerActive Directory ServerAD Authentication
vCenter 2.5.x 445UDPvCenter ServerActive Directory ServerAD Authentication
vCenter 2.5.x 902TCP/UDPvCenter ServerESX/ESXi HostHeartbeat
vCenter 2.5.x 902TCP/UDPESX/ESXi HostvCenter ServerHeartbeat
vCenter 2.5.x 903TCPClient PCvCenter ServerVI/vSphere Client to VM Console
vCenter 2.5.x 903TCPvCenter ServerESX/ESXi HostVI/vSphere Client to VM Console (after connection established between VI/vSphere Client and vCenter)
vCenter 2.5.x 1433TCPvCenter ServerMicrosoft SQL ServerFor vCenter Microsoft SQL Server Database
vCenter 2.5.x 1521TCPvCenter ServerOracle Database ServerFor vCenter Oracle Database
vCenter 2.5.x 5989TCP VirtualCenter/vCenter ESX/ESXi Host vCenter to ESX
vCenter 2.5.x 5989TCPESX/ESXi HostVirtualCenter/vCenterESX to vCenter
vCenter 2.5.x 8005TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 2.5.x 8006TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 2.5.x 8083TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 2.5.x 8085TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 2.5.x 8086TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 2.5.x 8087TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 2.5.x 27000TCPvCenter ServerVMware License ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x 27000TCPVMware License ServervCenter ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x 27010TCPvCenter ServerVMware License ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x 27010TCPVMware License ServervCenter ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x 25TCPvCenter ServerSMTP ServerEmail notifications
vCenter 4.x 53UDPvCenter ServerDNS ServerDNS lookups
vCenter 4.x 80TCPClient PCvCenter ServerRedirect Web Browser to HTTPS Service (443)
vCenter 4.x 80TCPvCenter ServerESX/ESXi 4.xDPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 4.x 88UDPvCenter ServerActive Directory ServerAD Authentication
vCenter 4.x 88TCPvCenter ServerActive Directory ServerAD Authentication
vCenter 4.x 161UDPSNMP ServervCenter ServerSNMP Polling
vCenter 4.x 162UDPvCenter ServerSNMP ServerSNMP Trap Send
vCenter 4.x 389TCPvCenter ServerLinked vCenter ServersBi-directional LDAP authentication with Kerberos encryption on TCP port 389 is required between all vCenters that need to replicate.
vCenter 4.x 443TCPvCenter ServerESX/ESXi HostvCenter Agent
vCenter 4.x 443TCPvCenter ServerESX/ESXi 4.xHost DPM with HP iLO Remote Management and Control Protocol
vCenter 4.x 443TCPClient PCvCenter ServerVI Web Access (Web Browser)
vCenter 4.x 443TCPVI/vSphere ClientvCenter ServerVI\vSphere Client access to vCenter Server
vCenter 4.x 445TCPvCenter ServerActive Directory ServerAD Authentication
vCenter 4.x 445UDPvCenter ServerActive Directory ServerAD Authentication
vCenter 4.x 623UDPvCenter Server ESX/ESXi 4.x Host DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 4.x 636TCPvCenter ServerLinked vCenter ServersLinked mode connectivity between vCenter Servers
vCenter 4.x 902TCP/UDPvCenter ServerESX/ESXi HostHeartbeat
vCenter 4.x 902TCP/UDPESX/ESXi HostvCenter ServerHeartbeat
vCenter 4.x 903TCPClient PCvCenter ServerVI/vSphere Client to VM Console
vCenter 4.x 903TCPvCenter ServerESX/ESXi HostVI/vSphere Client to VM Console (after connection established between VI/vSphere Client and vCenter)
vCenter 4.x > 1024 (dynamic)  RPCLinked vCenter ServersLinked vCenter Servers Bi-directional RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM). A VIC still needs the a direct connection to all vCenters that own an object it needs to manage.
vCenter 4.x 1433TCPvCenter ServerMicrosoft SQL ServerFor vCenter Microsoft SQL Server Database
vCenter 4.x 1521TCPvCenter ServerOracle Database ServerFor vCenter Oracle Database
vCenter 4.x 5989TCP VirtualCenter/vCenter ESX/ESXi Host vCenter to ESX
vCenter 4.x 5989TCPESX/ESXi HostVirtualCenter/vCenterESX to vCenter
vCenter 4.x 8005TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 4.x 8006TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 4.x 8080TCPClient PCvCenter 4 ServerVMware vCenter 4 Management Web Services - HTTP
vCenter 4.x 8083TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 4.x 8085TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 4.x 8086TCPvCenter ServervCenter ServerInternal Communication Port
vCenter 4.x 8087TCPvCenter ServervCenter ServerInternal Service Diagnostics
vCenter 4.x 8443TCPClient PCvCenter 4 ServerVMware vCenter 4 Management Web Services - HTTPS
vCenter 4.x 27000TCPvCenter ServerVMware License ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x 27000TCPVMware License ServervCenter ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x 27010TCPvCenter ServerVMware License ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x 27010TCPVMware License ServervCenter ServerLicensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.1 60099TCPvCenter ServervCenter 4 Server ServicesThis port is for internal communication between vCenter Server and its solutions. Specifically, it is used to exchange messages about inventory. If you do not have it open, a solution that integrates with vCenter Server using this service may be affected.
vCenter Operations
Product PortProtocolSourceTargetPurpose
vCenter Operations Standard 1.x 22vCenter 4.1vCenter Operations StandardVirtual applianceMust be open to enable SSH access to the vCenter Operations Stand virtual appliance
vCenter Operations Standard 1.x 443vCenter 4.1vCenter Operations StandardVirtual applianceHTTPS server port for the vCenter Operations Standard Administration page
vCenter Operations Standard 1.x 5480vCenter 4.1vCenter Operations StandardVirtual applianceHTTPS server port for the VMware Studio Web console to administer the virtual appliance
View
Product PortProtocolSourceTargetPurpose
View 3.x 3389TCPThin ClientESX hostRDP Protocol
View 3.x 18443TCPView Connection Server/View ManagervCenter ServerView Composer
View 3.x 32111TCPView Agent (Virtual Desktop)View ClientUSB Device Communication
View 3.x 32111TCPView ClientView Agent (Virtual Desktop)USB Device Communication
View 4.x 902TCPView Client/View Client with Offline DesktopESX Host(Optional) View Client with Offline Desktop data is downloaded and uploaded through this port.
View 4.x 3268TCPView/VDM Connection Server/View ManagerActive Directory ServerGlobal Catalog Server
View 4.x 3269TCPView/VDM Connection Server/View ManagerActive Directory ServerGlobal Catalog Server
View 4.x 3389TCPThin ClientESX hostRDP Protocol
View 4.x 9427TCPView Client/View Client with Offline DesktopView Agent (Virtual Desktop)(Optional) Multimedia Redirection (MMR). MMR is support by View Client and View Client with Offline Desktop on certain operating systems.
View 4.x 18443TCPView Connection Server/View ManagervCenter ServerView Composer
View 4.0.x 50002TCP/UDPView Agent (Virtual Desktop)View ClientPCoIP (AES 128-bit encryption)
View 4.0.x 50002TCP/UDPView ClientView Agent (Virtual Desktop)PCoIP (AES 128-bit encryption)
View 4.5.x 80/443TCPView Client with Local ModeView Transfer Serverhttp(s) access via direct connection for downloading and uploading Local Mode data
View 4.5.x 80/443TCPSecurity ServerView Transfer Serverhttp(s) access via tunnel connection for downloading and uploading Local Mode data
View 4.5.x 902TCPView Connection ServerESX HostUsed when checking out local desktops. If you intend to use View Client with Local Mode, port 902 must be accessible on your ESX host
View 4.5.x 902TCPView Transfer ServerESX HostPublishing View Composer packages for Local Mode
View 4.5.x 4001TCPView Connection ServerView Transfer ServerRequired by JMS for Local Mode
View 4.5.x 4172TCP/UDPView Agent (Virtual Desktop)View ClientPCoIP (AES 128-bit encryption)
View 4.5.x 4172TCP/UDPView ClientView Agent (Virtual Desktop)PCoIP (AES 128-bit encryption)
View 4.6.x 80/443TCPView Client with Local ModeView Transfer Serverhttp(s) access via direct connection for downloading and uploading Local Mode data
View 4.6.x 80/443TCPSecurity ServerView Transfer Serverhttp(s) access via direct connection for downloading and uploading Local Mode data
View 4.6.x 902TCPView Connection ServerESX HostUsed when checking out local desktops. If you intend to use View Client with Local Mode, port 902 must be accessible on your ESX host
View 4.6.x 902TCPView Transfer ServerESX HostPublishing View Composer packages for Local Mode
View 4.6.x 4001TCPView Connection ServerView Transfer ServerRequired by JMS for Local Mode
View 4.6.x 4172TCP/UDPView Agent (Virtual Desktop)View ClientPCoIP (AES 128-bit encryption)
View 4.6.x 4172TCP/UDPView ClientView Agent (Virtual Desktop)PCoIP (AES 128-bit encryption)
View/VDM 2.x 80TCPView/VDM ClientView/VDM Security ServerVDM Access (not required if only HTTPS is to be supported)
View/VDM 2.x 80TCPClient PCView/VDM Security ServerVDM Web Access (not required if only HTTPS is to be supported) The Security Server used as a proxy in a DMZ to allow for external connections in. The View Manager/Connection Broker has an ADAM instance on it and thus, a fair amount of the AD (not a good thing to put on the DMZ). If View is LAN-based only, then it’s irrelevant. If it’s publicly accessed, then you definitely want a Security Server to act on behalf of external clients coming in (assuming no VPN)
View/VDM 2.x 80TCPView/VDM ClientView/VDM Connection ServerVDM Access (not required if only HTTPS is to be supported)
View/VDM 2.x 80TCPClient PCView/VDM Connection ServerVDM Web Access (not required if only HTTPS is to be supported)
View/VDM 2.x 88UDPView/VDM Connection Server/View ManagerActive Directory ServerAD Authentication
View/VDM 2.x 88TCPView/VDM Connection Server/View ManagerActive Directory ServerAD Authentication
View/VDM 2.x 389TCP/UDPView/VDM Connection Server/View ManagerLDAP ServerLDAP Authentication
View/VDM 2.x 443TCPView/VDM ClientView/VDM Security ServerVDM Access
View/VDM 2.x 443TCPClient PCView/VDM Connection Server/View ManagerVDM Web Access and VDM Administration
View/VDM 2.x 443TCPThin ClientView/VDM Connection Server/View ManagerVDM API
View/VDM 2.x 443TCPView/VDM ClientView/VDM Connection Server/View ManagerVDM Access
View/VDM 2.x 443TCPClient PCView/VDM Security ServerVDM Web Access (Web Browser)
View/VDM 2.x 443TCPView/VDM Connection Server/View ManagervCenter ServerVDM to vCenter communication
View/VDM 2.x 445UDPView/VDM Connection Server/View ManagerActive Directory ServerAD Authentication
View/VDM 2.x 445TCPView/VDM Connection Server/View ManagerActive Directory ServerAD Authentication
View/VDM 2.x 1024 - 65535TCPView/VDM Connection Server/View ManagerVirtual Desktop VM (View/VDM Agent)Ephemeral Ports. A short-lived connection between View Manager and the virtual desktop
View/VDM 2.x 1024 - 65535TCPView/VDM Connection Server/View ManagerView/VDM Connection Server/View ManagerThis is required for ADAM replication (Active Directory “lite” replication) between VDM Connection Servers. With a Registry entry this can be fixed to a defined set of ports, but by default its a random TCP high port
View/VDM 2.x 3389TCPView/VDM Security ServerVirtual Desktop VM (View/VDM Agent)Tunneled RDP Connection (RSA RC4 encryption, can be set High/Medium/Low) - High: encrypts both the data sent from client to server and the data sent from server to client using a 128 bit key. - Medium: encrypts both the data sent from client to server and the data sent from server to client using a 56 bit key if the client is a Windows 2000 or above client, or a 40 bit key if the client is an earlier version. - Low: encrypts only the data sent from client to server, using either a 56 or 40 bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server.
View/VDM 2.x 3389TCPClient PC/Thin Client/View/VDM ClientVirtual Desktop VM (View/VDM Agent)Direct RDP Connection (RSA RC4 encryption, can be set High/Medium/Low) - High: encrypts both the data sent from client to server and the data sent from server to client using a 128 bit key. - Medium: encrypts both the data sent from client to server and the data sent from server to client using a 56 bit key if the client is a Windows 2000 or above client, or a 40 bit key if the client is an earlier version. - Low: encrypts only the data sent from client to server, using either a 56 or 40 bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server.
View/VDM 2.x 4001TCPView/VDM Security ServerView/VDM Connection Server/View ManagerJava Messenger Service (JMS)
View/VDM 2.x 4001TCPView/VDM Connection Server/View ManagerView/VDM Security ServerJava Messenger Service (JMS)
View/VDM 2.x 4001TCPVirtual Desktop VM (View/VDM Agent)View/VDM Connection Server/View Manager 
View/VDM 2.x 4100TCPView/VDM Connection Server/View ManagerView/VDM Connection Server/View ManagerJava Messenger Service (JMS) inter-router traffic
View/VDM 2.x 8009TCPView/VDM Security ServerView/VDM Connection Server/View ManagerApache Jserv Protocol (AJP)
View/VDM 2.x 8009TCPView/VDM Connection Server/View ManagerView/VDM Security ServerApache Jserv Protocol (AJP)
View/VDM 2.x 42966TCPView Client/View Client with Offline DesktopESX Host(Optional) Hewlett-Packard RGS Sender Application is the server-side component of the HP RGS remote display protocol
vSphere Management Assistant 44TCPvSphere Management AssistantvSphere Management AssistantFor SDK traffic