The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Required ports for configuring an external firewall to allow ESX/ESXi and vCenter Server traffic (1005189)
Note: Log in to your firewall and configure it to allow traffic using these ports.
These ports are mandatory:
- 22 - SSH (TCP)
- 53 - DNS (TCP and UDP)
- 80 - HTTP (TCP/UDP)
- 902 - vCenter Server / VMware Infrastructure Client - UDP for ESX/ESXi Heartbeat (UDP and TCP)
- 903 - Remote Console (UDP)
- 443 - Web Access (TCP)
- 27000, 27010 - License Server (Valid for ESX/ESXi 3.x hosts only)
These ports are optional:
- 123 - NTP (UDP)
- 161, 162 - SNMP (UDP)
- 88 - Kerberos (UDP and TCP)
- 464 - Active Directory (TCP and UDP)
- 3260 - Software iSCSI (TCP)
For a complete list of ports, see TCP and UDP Ports for vCenter Server, ESX/ESXi hosts, and other network components management access (1012382).
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.