Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides

Search the VMware Knowledge Base (KB)

View by Article ID

TCP and UDP Ports required to access vCenter Server, ESX hosts, and other network components

Purpose

These services and agents are commonly present in a vSphere environment:

CIM HTTP server (insecure service)
CIM HTTPS server
FTP client (insecure service)
FTP server (insecure service)
iSCSI software client
NFS client (insecure service)
NFS server (insecure service)
NIS client
NTP client
SMB client (insecure service)
SNMP server
SSH client
SSH server
Syslog client
Telnet client (insecure service)
Telnet server (insecure service)
Other supported management agents that you install

vCenter Server, ESX hosts, and other network components are accessed using predetermined TCP and UDP ports. If you manage network components from outside a firewall, you may be required to reconfigure the firewall to allow access on the appropriate ports.

This article provides information on the ports required for VMware products.

For more information, see the Configuration Guide for your product:

Resolution

TCP and UDP ports should be modified for each of the products below:

AppSpeed
Auto Deploy Server
Consolidated Backup
Converter 3.x
Converter 4.x
Converter 5.x
Data Recovery
ESX 3.x
ESX 4.x
ESXi 3.x
ESXi 4.x
ESXi 5.x
ESXi Dump Collector
Guided Consolidation
Heartbeat
Lab Manager
Orchestrator
Site Recovery Manager
Stage Manager
Update Manager
vCenter Server 2.5.x
vCenter Server 4.x
vCenter Server 5.x
vCenter Operations Standard 1.x
View 3.x
View 4.0.x
View 4.5.x
View 4.6.x
View/VDM 2.x
vSphere Management Assistant

Product	Port	Protocol	Source	Target	Purpose
AppSpeed	80	TCP	AppSpeed Server	vCenter Server 4	vCenter proxy interface. Used only during setup to verify the proxy is setup correctly. Port 80 is the default Web Service Port, but a different TCP port can be configured in vCenter Server 4.
AppSpeed	443	TCP	AppSpeed Server	vCenter Server 4	Default port for communications. A different TCP port can be configured in vCenter Server 4.
AppSpeed	22	TCP	AppSpeed Server	AppSpeed Probe	Connections to the probes to access the probes outside of the VPN.
AppSpeed	123	TCP	AppSpeed Server	AppSpeed Probe	NTP services
AppSpeed	1194	TCP/UDP	AppSpeed Server	AppSpeed Probe	Communications over OpenVPN
Auto Deploy Server	6501	TCP	ESXi	vCenter Server	Auto Deploy service
Auto Deploy Server	6502	TCP	ESXi	vCenter Server	Auto Deploy management
Consolidated Backup	443	TCP	VCB Proxy Server	vCenter Server	Required for VCB and vcbMounter communication and backup processes
Consolidated Backup	443	TCP	VCB Proxy Server	ESX/ESXi Host	Required for VCB and vcbMounter communication and backup processes
Converter 3.x	137	UDP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x	138	UDP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x	139	TCP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 3.x	443	TCP	Source Computer to be converted	ESX/ESXi Host	Required for destination VM access when target is ESX/ESXi/vCenter
Converter 3.x	443	TCP	Source Computer to be converted	vCenter Server	Required if vCenter Server is the conversion target
Converter 3.x	443	TCP	vCenter Converter Server	vCenter Server	Required if vCenter Server is the conversion target
Converter 3.x	443	TCP	vCenter Converter Server	ESX/ESXi Host	Required for system conversion
Converter 3.x	445	TCP	vCenter Converter Server	Source Computer to be converted	Required for system conversion. Not required if the source computer uses NetBIOS
Converter 3.x	902	TCP	Source Computer to be converted	ESX/ESXi Host	Required for data transport during cloning of system to be converted to target ESX/ESXi Host
Converter 4.x	22	TCP	Helper Virtual Machine	Source Computer to be converted	Required for conversion of Linux-based source computers (data flows from source to VM)
Converter 4.x	22	TCP	vCenter Converter Server	Source Computer to be converted	Required for conversion of Linux-based source computers
Converter 4.x	137	UDP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x	138	UDP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x	139	TCP	vCenter Converter Server	Source Computer to be converted	For hot migration. Not required if the source computer does not use NetBIOS
Converter 4.x	443	TCP	vCenter Converter Client	vCenter Converter Server	Only required if the Converter Client and Converter Server were installed on different systems
Converter 4.x	443	TCP	Source Computer to be converted	ESX/ESXi Host	Required for destination VM access when target is ESX/ESXi/vCenter
Converter 4.x	443	TCP	Source Computer to be converted	vCenter Server	Required if vCenter Server is the conversion target
Converter 4.x	443	TCP	vCenter Converter Server	vCenter Server	Required if vCenter Server is the conversion target
Converter 4.x	443	TCP	vCenter Converter Server	ESX/ESXi Host	Required for system conversion
Converter 4.x	443	TCP	vCenter Converter Server	Helper Virtual Machine	Required for conversion of Linux-based source computers
Converter 4.x	445	TCP	vCenter Converter Server	Source Computer to be converted	Required for system conversion. Not required if the source computer uses NetBIOS
Converter 4.x	902	TCP	Source Computer to be converted	ESX/ESXi Host	Required for data transport during cloning of system to be converted to target ESX/ESXi Host
Converter 4.x	9089, 9090	TCP	vCenter Converter Server	Source Computer to be converted	Required for system conversion. Remote agent deployment
Converter 5.x	22	TCP	Converter Standalone server	powered-on source machine	Used to establish an SSH connection between the Converter Standalone server and the source Linux machine
Converter 5.x	137	UDP	Converter Stardalone server	powered-on source machine	For hot migration. Not required if the source computer does not use NetBIOS
Converter 5.x	138	UDP	Converter Stardalone server	powered-on source machine	For hot migration. Not required if the source computer does not use NetBIOS
Converter 5.x	139	TCP	Converter Stardalone server	powered-on source machine	For hot migration. Not required if the source computer does not use NetBIOS
Converter 5.x	443	TCP	Converter Standalone server	vCenter Server	Required only if theconversion destination is a vCenter Server
Converter 5.x	443	TCP	Converter Standalone client	Converter Standalone server	Required only if the Converter Standalone server and Linux client components are on different machines
Converter 5.x	443	TCP	Converter Standalone client	vCenter server	Required only if the Converter Standalone server and client components are on different machines
Converter 5.x	443, 902	TCP	Powered-on Source Linux machine	ESX/ESXi Host	If the conversion destination is vCenter server, only port 902 is required
Converter 5.x	445	TCP	Converter Stardalone server	powered-on source machine	Required for system conversion. Not required if the source computer uses NetBIOS
Converter 5.x	9089	TCP	Converter Standalone server	powered-on source machine	Required for system conversion. Remote agent deployment
Data Recovery	443	TCP	Data Recovery Appliance	vCenter Server	VDR to vCenter Server communications
Data Recovery	902	TCP	Data Recovery Appliance	ESX Host	VDR to ESX communications
Data Recovery	22024	TCP	Data Recovery vSphere Client Plug-in	Data Recovery Appliance	Data Recovery management
ESX 3.x	21	TCP	FTP Client	ESX Host	FTP
ESX 3.x	21	TCP	ESX Host	FTP Server	FTP
ESX 3.x	22	TCP	SSH Client	ESX Host	SSH
ESX 3.x	22	TCP	ESX Host	SSH Server	SSH
ESX 3.x	53	UDP	ESX/ESXi Host	DNS Server	DNS
ESX 3.x	80	TCP	Client PC	ESX/ESXi Host	Redirect Web Browser to HTTPS Service (443)
ESX 3.x	88	TCP	ESX Host	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESX 3.x	111	UDP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESX 3.x	111	TCP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESX 3.x	123	UDP	ESX/ESXi Host	NTP Time Server	NTP Client
ESX 3.x	137 to 139	TCP	ESX Host	SMB Server	SMB
ESX 3.x	161	UDP	SNMP Server	ESX Host	SNMP Polling
ESX 3.x	162	UDP	ESX Host	SNMP Collector	SNMP Trap Send
ESX 3.x	389	TCP/UDP	ESX Host	LDAP Server	PAM Active Directory Authentication – LDAP
ESX 3.x	427	UDP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESX 3.x	427	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESX 3.x	443	TCP	Client PC	ESX Host	Host VI Management via web browser
ESX 3.x	443	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi Host management connection
ESX 3.x	443	TCP	ESX/ESXi Host	ESX/ESXi Host	Host to host VM migration and provisioning
ESX 3.x	445	TCP	ESX Host	SMB Server	SMB
ESX 3.x	445	TCP	ESX Host	MS Directory Services Server	PAM Active Directory Authentication
ESX 3.x	445	UDP	ESX Host	MS Directory Services Server	PAM Active Directory Authentication
ESX 3.x	464	TCP	ESX Host	Active Directory Server	PAM Active Directory Authentication – Kerberos Password Services
ESX 3.x	514	UDP	ESX/ESXi Host	Syslog Server	Remote syslog logging
ESX 3.x	902	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi hosted VM connectivity
ESX 3.x	902	TCP/UDP	ESX/ESXi Host	ESX/ESXi Host	Authentication, Provisioning, VM Migration
ESX 3.x	902	TCP/UDP	ESX/ESXi Host	Virtual Center 3.x/ vCenter Server 4.x	Heartbeat
ESX 3.x	903	TCP	VI/vSphere Client	ESX/ESXi Host	VM Remote Console
ESX 3.x	2049	UDP	ESX/ESXi Host	NFS Server	NFS Client
ESX 3.x	2049	TCP	ESX/ESXi Host	NFS Server	NFS Client
ESX 3.x	2050 to 2250	UDP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESX 3.x	3260	TCP	ESX/ESXi Host	iSCSI SAN	Software iSCSI Client and Hardware iSCSI HBA
ESX 3.x	5988	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Client to CIM Secure Server
ESX 3.x	5989	TCP	ESX/ESXi Host	VirtualCenter/vCenter Server	CIM Secure Server to CIM Client
ESX 3.x	5989	TCP	VirtualCenter/vCenter Server	ESX/ESXi Host	CIM Client to CIM Secure Server
ESX 3.x	8000	TCP	ESX/ESXi Host (VM Target)	ESX/ESXi Host (VM Source)	VMotion Communication on VMKernel Interface
ESX 3.x	8000	TCP	ESX/ESXi Host (VM Source)	ESX/ESXi Host (VM Target)	VMotion Communication on VMKernel Interface
ESX 3.x	8042 to 8045	TCP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESX 3.x	27000	TCP	ESX/ESXi Host	VMware License Server	ESX/ESXi 3.x Host to License Server communication
ESX 3.x	27010	TCP	ESX/ESXi Host	VMware License Server	ESX/ESXi 3.x Host to License Server communication
ESX 4.x	21	TCP	FTP Client	ESX Host	FTP
ESX 4.x	21	TCP	ESX Host	FTP Server	FTP
ESX 4.x	22	TCP	ESX Host	SSH Server	SSH
ESX 4.x	22	TCP	SSH Client	ESX Host	SSH
ESX 4.x	53	UDP	ESX/ESXi Host	DNS Server	DNS
ESX 4.x	80	TCP	Client PC	ESX/ESXi Host	Redirect Web Browser to HTTPS Service (443)
ESX 4.x	88	TCP	ESX Host	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESX 4.x	111	UDP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESX 4.x	111	TCP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESX 4.x	123	UDP	ESX/ESXi Host	NTP Time Server	NTP Client
ESX 4.x	137 to 139	TCP	ESX Host	SMB Server	SMB
ESX 4.x	161	UDP	SNMP Server	ESX Host	SNMP Polling
ESX 4.x	162	UDP	ESX Host	SNMP Collector	SNMP Trap Send
ESX 4.x	389	TCP/UDP	ESX Host	LDAP Server	PAM Active Directory Authentication – LDAP
ESX 4.x	427	UDP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESX 4.x	427	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESX 4.x	443	TCP	ESX/ESXi Host	ESX/ESXi Host	Host to host VM migration and provisioning
ESX 4.x	443	TCP	Client PC	ESX Host	Host VI Management via web browser
ESX 4.x	443	TCP	vSphere Client	ESX/ESXi Host	vSphere Client to ESX/ESXi Host management connection
ESX 4.x	445	UDP	ESX Host	MS Directory Services Server	PAM Active Directory Authentication
ESX 4.x	445	TCP	ESX Host	MS Directory Services Server	PAM Active Directory Authentication
ESX 4.x	445	TCP	ESX Host	SMB Server	SMB
ESX 4.x	464	TCP	ESX Host	Active Directory Server	PAM Active Directory Authentication – Kerberos Password Services
ESX 4.x	514	UDP	ESX/ESXi Host	Syslog Server	Remote syslog logging
ESX 4.x	902	TCP	vSphere Client	ESX/ESXi Host	vSphere Client to ESX/ESXi hosted VM connectivity
ESX 4.x	902	TCP/UDP	ESX/ESXi Host	ESX/ESXi Host	Authentication, Provisioning, VM Migration
ESX 4.x	902	TCP/UDP	ESX/ESXi Host	vCenter Server 4.x	Heartbeat
ESX 4.x	903	TCP	VI/vSphere Client	ESX/ESXi Host	VM Remote Console
ESX 4.x	2049	UDP	ESX/ESXi Host	NFS Server	NFS Client
ESX 4.x	2049	TCP	ESX/ESXi Host	NFS Server	NFS Client
ESX 4.x	2050 to 2250	UDP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESX 4.x	3260	TCP	ESX/ESXi Host	iSCSI SAN	Software iSCSI Client and Hardware iSCSI HBA
ESX 4.x	5900 to 5964	TCP	ESX/ESXi Host	ESX/ESXi Host	RFB Protocol used by management tools such as VNC
ESX 4.x	5988	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Client to CIM Secure Server
ESX 4.x	5989	TCP	VirtualCenter/vCenter	ESX/ESXi Host	CIM Client to CIM Secure Server
ESX 4.x	5989	TCP	ESX/ESXi Host	VirtualCenter/vCenter	CIM Secure Server to CIM Client
ESX 4.x	8000	TCP	ESX/ESXi Host (VM Target)	ESX/ESXi Host (VM Source)	VMotion Communication on VMKernel Interface
ESX 4.x	8000	TCP	ESX/ESXi Host (VM Source)	ESX/ESXi Host (VM Target)	VMotion Communication on VMKernel Interface
ESX 4.x	8042 to 8045	TCP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESX 4.x	47	UDP	ESX/ESXi Host	Physical Switches	vDS (Virtual Distributed Switch) Broadcast
ESX 4.x	8100	TCP/UDP	ESX/ESXi 4 Host	ESX/ESXi 4.x Host	VMware Fault Tolerance. ESX/ESXi 4 only.
ESX 4.x	8200	TCP/UDP	ESX/ESXi 4 Host	ESX/ESXi 4.x Host	VMware Fault Tolerance. ESX/ESXi 4 only.
ESX 4.x	8301	UDP	ESX/ESXi 4.x Host	ESX/ESXi 4.x	DVS Port Information
ESX 4.x	8302	UDP	ESX/ESXi 4.x Host	ESX/ESXi 4.x Host	DVS Port Information
ESXi 3.x	53	UDP	ESX/ESXi Host	DNS Server	DNS
ESXi 3.x	80	TCP	Client PC	ESX/ESXi Host	Redirect Web Browser to HTTPS Service (443)
ESXi 3.x	111	TCP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 3.x	111	UDP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 3.x	123	UDP	ESX/ESXi Host	NTP Time Server	NTP Client
ESXi 3.x	162	UDP	ESX Host	SNMP Collector	SNMP Trap Send
ESXi 3.x	427	UDP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESXi 3.x	427	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESXi 3.x	443	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi Host management connection
ESXi 3.x	443	TCP	ESX/ESXi Host	ESX/ESXi Host	Host to host VM migration and provisioning
ESXi 3.x	514	UDP	ESX/ESXi Host	Syslog Server	Remote syslog logging
ESXi 3.x	902	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi hosted VM connectivity
ESXi 3.x	902	TCP/UDP	ESX/ESXi Host	ESX/ESXi Host	Authentication, Provisioning, VM Migration
ESXi 3.x	902	TCP/UDP	ESX/ESXi Host	Virtual Center 3.x/ vCenter Server 4.x	Heartbeat
ESXi 3.x	903	TCP	VI/vSphere Client	ESX/ESXi Host	VM Remote VM Console
ESXi 3.x	2049	TCP	ESX/ESXi Host	NFS Server	NFS Client
ESXi 3.x	2049	UDP	ESX/ESXi Host	NFS Server	NFS Client
ESXi 3.x	2050 to 2250	UDP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESXi 3.x	3260	TCP	ESX/ESXi Host	iSCSI SAN	Software iSCSI Client and Hardware iSCSI HBA
ESXi 3.x	5988	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Client to CIM Secure Server
ESXi 3.x	5989	TCP	VirtualCenter/vCenter	ESX/ESXi Host	CIM Client to CIM Secure Server
ESXi 3.x	5989	TCP	ESX/ESXi Host	VirtualCenter/vCenter	CIM Secure Server to CIM Client
ESXi 3.x	8000	TCP	ESX/ESXi Host (VM Target)	ESX/ESXi Host (VM Source)	VMotion Communication on VMKernel Interface
ESXi 3.x	8000	TCP	ESX/ESXi Host (VM Source)	ESX/ESXi Host (VM Target)	VMotion Communication on VMKernel Interface
ESXi 3.x	8042 to 8045	TCP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESXi 3.x	27000	TCP	ESX/ESXi Host	VMware License Server	ESX/ESXi 3.x Host to License Server communication
ESXi 3.x	27010	TCP	ESX/ESXi Host	VMware License Server	ESX/ESXi 3.x Host to License Server communication
ESXi 4.x	53	UDP	ESX/ESXi Host	DNS Server	DNS
ESXi 4.x	80	TCP	Client PC	ESX/ESXi Host	Redirect Web Browser to HTTPS Service (443)
ESXi 4.x	88	TCP	ESXi host	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESXi 4.x	111	TCP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 4.x	111	UDP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 4.x	123	UDP	ESX/ESXi Host	NTP Time Server	NTP Client
ESXi 4.x	161	UDP	SNMP Server	ESXi 4.x Host	SNMP Polling. Not used in ESXi 3.x
ESXi 4.x	162	UDP	ESXi Host	SNMP Collector	SNMP Trap Send
ESXi 4.x	389	TCP/UDP	ESXi host	LDAP Server	PAM Active Directory Authentication - Kerberos
ESXi 4.x	427	UDP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESXi 4.x	427	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESXi 4.x	443	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi Host management connection
ESXi 4.x	443	TCP	ESX/ESXi Host	ESX/ESXi Host	Host to host VM migration and provisioning
ESXi 4.x	445	UDP	ESXi host	MS Directory Services Server	PAM Active Directory Authentication
ESXi 4.x	445	TCP	ESXi host	MS Directory Services Server	PAM Active Directory Authentication
ESXi 4.x	445	TCP	ESXi host	SMB Server	SMB Server
ESXi 4.x	464	TCP	ESXi host	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESXi 4.x	514	UDP	ESX/ESXi Host	Syslog Server	Remote syslog logging
ESXi 4.x	902	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi hosted VM connectivity
ESXi 4.x	902	TCP/UDP	ESX/ESXi Host	ESX/ESXi Host	Authentication, Provisioning, VM Migration
ESXi 4.x	902	TCP/UDP	ESX/ESXi Host	vCenter 4 Server	Heartbeat
ESXi 4.x	902	TCP	VI/vSphere Client	ESX/ESXi Host	VM Remote VM Console
ESXi 4.x	2049	TCP	ESX/ESXi Host	NFS Server	NFS Client
ESXi 4.x	2049	UDP	ESX/ESXi Host	NFS Server	NFS Client
ESXi 4.x	2050 to 2250	UDP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESXi 4.x	3260	TCP	ESX/ESXi Host	iSCSI SAN	Software iSCSI Client and Hardware iSCSI HBA
ESXi 4.x	5900 to 5964	TCP	ESX/ESXi Host	ESX/ESXi Host	RFB Protocol used by management tools such as VNC
ESXi 4.x	5988	TCP	ESX/ESXi Host	ESX/ESXi Host	CIM Client to CIM Secure Server
ESXi 4.x	5989	TCP	VirtualCenter/vCenter	ESX/ESXi Host	CIM Client to CIM Secure Server
ESXi 4.x	5989	TCP	ESX/ESXi Host	VirtualCenter/vCenter	CIM Secure Server to CIM Client
ESXi 4.x	8000	TCP	ESX/ESXi Host (VM Target)	ESX/ESXi Host (VM Source)	VMotion Communication on VMkernel Interface
ESXi 4.x	8000	TCP	ESX/ESXi Host (VM Source)	ESX/ESXi Host (VM Target)	VMotion Communication on VMkernel Interface
ESXi 4.x	47	UDP	ESX/ESXi Host	Physical Switches	vDS (Virtual Distributed Switch) Broadcast
ESXi 4.x	8042 to 8045	TCP	ESX/ESXi Host	ESX/ESXi Host	VMware HA
ESXi 4.x	8100	TCP/UDP	ESX/ESXi 4 Host	ESX/ESXi 4.x Host	VMware Fault Tolerance. ESX/ESXi 4 only.
ESXi 4.x	8200	TCP/UDP	ESX/ESXi 4 Host	ESX/ESXi 4.x Host	VMware Fault Tolerance. ESX/ESXi 4 only.
ESXi 4.x	8301	UDP	ESX/ESXi 4.x Host	ESX/ESXi 4.x Host	DVS Port Information
ESXi 4.x	8302	UDP	ESX/ESXi 4.x Host	ESX/ESXi 4.x Host	DVS Port Information
ESXi 5.x	22	TCP	Client PC	ESXi 5.x	SSH Server
ESXi 5.x	53	UDP	ESXi 5.x	DNS Server	DNS Client
ESXi 5.x	68	UDP	ESXi 5.x	DHCP Server	DHCP Client
ESXi 5.x	80	TCP	Client PC	ESXi 5.x	Redirect Web Browser to HTTPS Service (443)
ESXi 5.x	88	TCP	ESXi host	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESXi 5.x	111	TCP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 5.x	111	UDP	ESX/ESXi Host	NFS Server	NFS Client – RPC Portmapper
ESXi 5.x	123	UDP	ESX/ESXi Host	NTP Time Server	NTP Client
ESXi 5.x	161	UDP	SNMP Server	ESXi 4.x Host	SNMP Polling. Not used in ESXi 3.x
ESXi 5.x	162	UDP	ESXi Host	SNMP Collector	SNMP Trap Send
ESXi 5.x	389	TCP/UDP	ESXi host	LDAP Server	PAM Active Directory Authentication - Kerberos
ESXi 5.x	427	UDP	ESX/ESXi Host	ESX/ESXi Host	CIM Service Location Protocol (SLP)
ESXi 5.x	443	TCP	VI/vSphere Client	ESX/ESXi Host	VI/vSphere Client to ESX/ESXi Host management connection
ESXi 5.x	443	TCP	ESX/ESXi Host	ESX/ESXi Host	Host to host VM migration and provisioning
ESXi 5.x	445	UDP	ESXi host	MS Directory Services Server	PAM Active Directory Authentication
ESXi 5.x	445	TCP	ESXi host	MS Directory Services Server	PAM Active Directory Authentication
ESXi 5.x	445	TCP	ESXi host	SMB Server	SMB Server
ESXi 5.x	464	TCP	ESXi host See .	Active Directory Server	PAM Active Directory Authentication - Kerberos
ESXi 5.x	514	UDP/TCP	ESXi 5.x	Syslog Server	Remote syslog logging
ESXi 5.x	902	TCP/UDP	ESXi 5.x	ESXi 5.x	Host access to other hosts for migration and provisioning
ESXi 5.x	902	TCP	vSphere Client	ESXi 5.x	vSphere Client access to virtual machine consoles
ESXi 5.x	902	TCP/UDP	ESXi 5.x	vCenter Server	(UDP) Status update (heartbeat) connection from E SXi to vCenter Server
ESXi 5.x	2049	TCP	ESXi 5.x	NFS Server	Transactions from NFS storage devices
ESXi 5.x	2049	UDP	ESXi 5.x	NFS Server	Transactions from NFS storage devices
ESXi 5.x	3260	TCP	ESXi 5.x	iSCSI storage server	Transactions to iSCSI storage devices
ESXi 5.x	5900 to 5964	TCP	ESXi 5.x	ESXi 5.x	RFB protocol, which is used by management tools such as VNC
ESXi 5.x	5988	TCP	CIM Server	ESXi 5.x	CIM transactions over HTTP
ESXi 5.x	5989	TCP	vCenter Server	ESXi 5.x	CIM XML transactions over HTTPS
ESXi 5.x	5989	TCP	ESXi 5.x	vCenter Server	CIM XML transactions over HTTPS
ESXi 5.x	8000	TCP	ESXi 5.x (VM Target)	ESXi 5.x (VM Source)	Requests from vMotion
ESXi 5.x	8000	TCP	ESXi 5.x (VM Source)	ESXi 5.x (VM Target)	Requests from vMotion
ESXi 5.x	8100	TCP/UDP	ESXi 5.x	ESXi 5.x	Traffic between hosts for vSphere Fault Tolerance (FT)
ESXi 5.x	8182	TCP/UDP	ESXi 5.x	ESXi 5.x	Traffic between hosts for vSphere High Availability (vSphere HA)
ESXi 5.x	8200	TCP/UDP	ESXi 5.x	ESXi 5.x	Traffic between hosts for vSphere Fault Tolerance (FT)
ESXi 5.x	8301	UDP	ESXi 5.x	ESXi 5.x	DVS Port Information
ESXi 5.x	8302	UDP	ESXi 5.x	ESXi 5.x	DVS Port Information
ESXi 5.x	31100	TCP	vCenter	SPS Server	Internal Communication Port
ESXi 5.x	31000	TCP	SPS Server	vCenter	Internal Communication Port
ESXi Dump Collector	6500	UDP	ESXi	vCenter Server	Network coredump server
ESXi Dump Collector	8000	TCP	ESXi	vCenter Server	Network coredump web port
Guided Consolidation	135	TCP/UDP	Consolidation Target (Physical Server)	vCenter Converter Server	Microsoft DCE Locator Service, also known at End-Point Mapper
Guided Consolidation	137	TCP/UDP	Consolidation Target (Physical Server)	vCenter Converter Server	NetBIOS names service. Firewall administrators frequently see larger numbers of incoming packets to port 137. This is because of Windows servers that use NetBIOS (as well as DNS) to resolve IP addresses to names using the gethostbyaddr() function. As users behind the firewalls visit Windows-based Web sites, those servers frequently respond with NetBIOS lookups.
Guided Consolidation	138	TCP/UDP	Consolidation Target (Physical Server)	vCenter Converter Server	NetBIOS datagram Used by Windows, as well as UNIX services (such as SAMBA). Port 138 is used primarily by the SMB browser service that obtains Network Neighborhood information.
Guided Consolidation	139	TCP/UDP	Consolidation Target (Physical Server)	vCenter Converter Server	NetBIOS Session Windows File and Printer sharing.
Guided Consolidation	445	TCP/UDP	Consolidation Target (Physical Server)	vCenter Converter Server	DNS Direct Hosting port. In Windows 2000 and Windows XP, redirector and server components now support direct hosting for communicating with other computers running Windows 2000 or Windows XP. Direct hosting does not use NetBIOS for name resolution. DNS is used for name resolution, and the Microsoft networking communication is sent directly over TCP without a NetBIOS header. Direct hosting over TCP/IP uses TCP and UDP port 445 instead of the NetBIOS session TCP port 139.
Heartbeat	52267	TCP	vCenter Server Heartbeat Console	vCenter Server Heartbeat Server	Client Connection Port
Heartbeat	57348	TCP	vCenter Server Primary Server	vCenter Server Secondary Server	Default Channel Port to communicate between Primary and Secondary server
Lab Manager	137	UDP	ESX/ESXi Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager	138	UDP	ESX/ESXi Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager	139	TCP	ESX/ESXi Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager	389	TCP/UDP	Lab Manager Server	LDAP Server	LDAP Authentication (optional)
Lab Manager	443	TCP	Client PC	Lab Manager Server	Lab Manager Console (Web Browser)
Lab Manager	443	TCP	Lab Manager Server	vCenter Server	Lab Manager to vCenter Server Communication
Lab Manager	445	TCP	ESX/ESXi Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x
Lab Manager	514	TCP	Lab Manager Server	Virtual Router	Update IP tables and routing on the vRouter
Lab Manager	636	TCP	Lab Manager Server	LDAP Server	LDAPS Authentication (optional)
Lab Manager	1433	TCP	Lab Manager Server	Microsoft SQL Server	Lab Manager Connectivity to Microsoft SQL Server (for LM database)
Lab Manager	5212	TCP	Lab Manager Server	ESX/ESXi Host	Lab Manager Agent. ESXi requires Lab Manager 4.x
Orchestrator	25	TCP	VCO Server	SMTP Server	Email notifications
Orchestrator	389	TCP/UDP	VCO Server	LDAP Server	LDAP Authentication
Orchestrator	443	TCP	VCO Server	vCenter Server	Used to obtain virtual infrastructure and virtual machine information from orchestrated vCenter Server(s) through the vCenter API
Orchestrator	636	TCP	VCO Server	LDAP Server	VCO uses LDAP authentication and group membership to determine role authorization in LCM and access to VMs/requests. This is the SSL secured LDAP protocol LDAPS (the SSL pendent of 389). This is used for secured LDAP authentication
Orchestrator	1433	TCP	VCO Server	Microsoft SQL Server	vCenter Orchestrator Server to Microsoft SQL Server for VCO Database
Orchestrator	1521	TCP	VCO Server	Oracle Database Server	vCenter Orchestrator Server to Oracle for VCO Database
Orchestrator	3306	TCP	VCO Server	MySQL Server	vCenter Orchestrator Server to MySQL Server for VCO Database
Orchestrator	5432	TCP	VCO Server	PostgresSQL Server	vCenter Orchestrator Server to PostgresSQL Server for VCO Database
Orchestrator	8230	TCP	VCO Client	VCO Server	Lookup port – The main port to communicate with Orchestrator Configurator server (JNDI port). All other ports communicate with the Orchestrator Configurator smart client through this one. It is part of the JBoss Application server infrastructure
Orchestrator	8240	TCP	VCO Client	VCO Server	Command port – The application communication port (RMI container port), it is used for remote invocations. It is part of the JBoss Application server infrastructure.
Orchestrator	8244	TCP	VCO Client	VCO Server	Data port used to access all Orchestrator data models, such as workflows and policies. It is part of the JBoss application server infrastructure.
Orchestrator	8250	TCP	VCO Client	VCO Server	Messaging port – The Java messaging port used to dispatch events. It is part of the JBoss Application server infrastructure
Orchestrator	8280	TCP	VCO Server	VCO Server	Port used by VCO Server to connect to the Web front-end via HTTP
Orchestrator	8281	TCP	VCO Server	VCO Server	Port used by VCO Server to connect to the Web front-end via HTTPS
Orchestrator	8281	TCP	vCenter Server	VCO Server	Port used by VCO Server to connect to vCenter Server to communicate with the vCenter API
Orchestrator	8282	TCP	VCO Client PC	VCO Server	HTTP server port – Port used by the HTTP connector to connect to the Web frontend.
Orchestrator	8283	TCP	VCO Client PC	VCO Server	HTTPS server port – Port used by HTTP connector to connect to the Web frontend. Requires Jetty to be configured for SSL.
Site Recovery Manager	80	80	Site Recovery Manager	Remote vCenter Server	SRM communication. SRM Server at Site A to vCenter Server at Site B (failover) over HTTP and SSL tunnel
Site Recovery Manager	80	80	Site Recovery Manager	Remote vCenter Server	SRM communication with local vCenter server (inventory) & vSphere Client Plug-in download
Site Recovery Manager	443	TCP	Site Recovery Manager	Remote vCenter Server	SRM communication with remote vCenter Server via HTTP over SSL tunnel
Site Recovery Manager	1433	TCP	Site Recovery Manager	Microsoft SQL Server	SRM Connectivity to Microsoft SQL Server (for SRM database)
Site Recovery Manager	1521	TCP	Site Recovery Manager	Oracle Database Server	SRM Connectivity to Oracle (for SRM database)
Site Recovery Manager	1526	TCP	Site Recovery Manager	Oracle Database Server	SRM Connectivity to Oracle (for SRM database)
Site Recovery Manager	5000	TCP	Site Recovery Manager	IBM DB2 Database Server	SRM Connectivity to IBM DB/2 (for SRM database)
Site Recovery Manager	8095	TCP	Site Recovery Manager	vCenter server	SRM server and vCenter server (intrasite only).
Site Recovery Manager	8095	TCP	vSphere Client	Site Recovery Manager	SRM client plugin to communicate with SRM server
Site Recovery Manager	8095	TCP	vSphere Client	vCenter server	SRM client plugin to communicate with vCenter server
Site Recovery Manager	8096	TCP	Site Recovery Manager	vCenter server	vCenter server (for plug-in download).
Site Recovery Manager	9007	TCP	Site Recovery Manager	External SRM API Client	SRM communication via WSDL
Site Recovery Manager	9007	TCP	vSphere Client	vCenter server	SRM client plugin to communicate with vCenter server
Site Recovery Manager	9008	TCP	Site Recovery Manager	External SRM API Client	SRM communication via HTTP
Stage Manager	137	UDP	ESX Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs
Stage Manager	138	UDP	ESX Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs
Stage Manager	139	TCP	ESX Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs
Stage Manager	389	TCP/UDP	Stage Manager Server	LDAP Server	LDAP Authentication (optional)
Stage Manager	443	TCP	Client PC	Stage Manager Server	Stage Manager Console (Web Browser)
Stage Manager	443	TCP	Stage Manager Server	ESX Host	Stage Manager Server communication with ESX Host Agent
Stage Manager	443	TCP	Stage Manager Server	vCenter Server	Stage Manager Server communication with vCenter Server
Stage Manager	445	TCP	ESX Host	SMB File Server	SMB File Sharing for Importing/Exporting VMs
Stage Manager	514	TCP	Stage Manager Server	ESX Host	ESX Host Virtual Router
Stage Manager	636	TCP	Stage Manager Server	LDAP Server	LDAPS Authentication (optional)
Stage Manager	5212	TCP	Stage Manager Server	ESX Host	Stage Manager Agent
Update Manager	80	TCP	Update Manager Server	www.vmware.com and xml.shavlik.com	To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com
Update Manager	80	TCP	ESX/ESXi Host	Update Manager Host	ESX/ESXi Host to Update Manager Server. The reverse proxy forwards the request to port 9084
Update Manager	80	TCP	Update Manager Server	vCenter Server	Update Manager to vCenter Server communication
Update Manager	443	TCP	Update Manager Server	www.vmware.com and xml.shavlik.com	To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com
Update Manager	443	TCP	ESX/ESXi Host	Update Manager Server	ESX/ESXi Host to Update Manager Server . The reverse proxy forwards the request to port 9084
Update Manager	443	TCP	vCenter Server	Update Manager Server	vCenter Server to Update Manager Server. The reverse proxy forwards the request to port 8084
Update Manager	902	TCP	Update Manager Server	ESX/ESXi Host	To push patches and updates from Update Manager to the ESX/ESXi Hosts to be updated
Update Manager	1433	TCP	Update Manager Server	Microsoft SQL Server	Update Manager to Microsoft SQL Server connectivity (for UM Database)
Update Manager	1521	TCP	Update Manager Server	Oracle Database Server	Update Manager to Oracle connectivity (for UM Database)
Update Manager	8084	TCP	Update Manager Server	vCenter Server	SOAP between components of Update Manager Server and the vCenter Update Manager client plug-in. Configurable at install.
Update Manager	9084	TCP	ESX/ESXi host	Update Manager Server	ESX/ESXi hosts connect to the VUM (VMware Update Manager) webserver listening for updates. Configurable at install.
Update Manager	9087	TCP	Update Manager Server	vCenter Server	Port used for uploading host update files. Configurable at install.
Update Manager	9000 to 9100	TCP	ESX/ESXi Host	Update Manager Server	This is the recommend port range from which to choose ports for Update Manager if ports 80 and 443 are already in use. Update Manager automatically opens these ports for ESX Host scanning and remediation.
vCenter 2.5.x	25	TCP	vCenter Server	SMTP Server	Email notifications
vCenter 2.5.x	53	UDP	vCenter Server	DNS Server	DNS lookups
vCenter 2.5.x	80	TCP	Client PC	vCenter Server	Redirect Web Browser to HTTPS Service (443)
vCenter 2.5.x	88	TCP	vCenter Server	Active Directory Server	AD Authentication
vCenter 2.5.x	88	UDP	vCenter Server	Active Directory Server	AD Authentication
vCenter 2.5.x	161	UDP	SNMP Server	vCenter Server	SNMP Polling
vCenter 2.5.x	162	UDP	vCenter Server	SNMP Server	SNMP Trap Send
vCenter 2.5.x	389	TCP/UDP	vCenter Server	LDAP Server	LDAP Authentication
vCenter 2.5.x	443	TCP	vCenter Server	ESX/ESXi Host	vCenter Agent
vCenter 2.5.x	443	TCP	Client PC	vCenter Server	VI Web Access (Web Browser)
vCenter 2.5.x	443	TCP	VI/vSphere Client	vCenter Server	VI/vSphere Client access to vCenter Server
vCenter 2.5.x	445	TCP	vCenter Server	Active Directory Server	AD Authentication
vCenter 2.5.x	445	UDP	vCenter Server	Active Directory Server	AD Authentication
vCenter 2.5.x	902	TCP/UDP	vCenter Server	ESX/ESXi Host	Heartbeat
vCenter 2.5.x	902	TCP/UDP	ESX/ESXi Host	vCenter Server	Heartbeat
vCenter 2.5.x	903	TCP	Client PC	vCenter Server	VI/vSphere Client to VM Console
vCenter 2.5.x	903	TCP	vCenter Server	ESX/ESXi Host	VI/vSphere Client to VM Console (after connection established between VI/vSphere Client and vCenter)
vCenter 2.5.x	1433	TCP	vCenter Server	Microsoft SQL Server	For vCenter Microsoft SQL Server Database
vCenter 2.5.x	1521	TCP	vCenter Server	Oracle Database Server	For vCenter Oracle Database
vCenter 2.5.x	5989	TCP	VirtualCenter/vCenter	ESX/ESXi Host	vCenter to ESX
vCenter 2.5.x	5989	TCP	ESX/ESXi Host	VirtualCenter/vCenter	ESX to vCenter
vCenter 2.5.x	8005	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 2.5.x	8006	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 2.5.x	8083	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 2.5.x	8085	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 2.5.x	8086	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 2.5.x	8087	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 2.5.x	27000	TCP	vCenter Server	VMware License Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x	27000	TCP	VMware License Server	vCenter Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x	27010	TCP	vCenter Server	VMware License Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 2.5.x	27010	TCP	VMware License Server	vCenter Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x	25	TCP	vCenter Server	SMTP Server	Email notifications
vCenter 4.x	53	UDP	vCenter Server	DNS Server	DNS lookups
vCenter 4.x	80	TCP	Client PC	vCenter Server	Redirect Web Browser to HTTPS Service (443)
vCenter 4.x	80	TCP	vCenter Server	ESX/ESXi 4.x	DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 4.x	88	UDP	vCenter Server	Active Directory Server	AD Authentication
vCenter 4.x	88	TCP	vCenter Server	Active Directory Server	AD Authentication
vCenter 4.x	135	TCP	vCenter Server	vCenter Server	Linked Mode
vCenter 4.x	161	UDP	SNMP Server	vCenter Server	SNMP Polling
vCenter 4.x	162	UDP	vCenter Server	SNMP Server	SNMP Trap Send
vCenter 4.x	389	TCP/UDP	vCenter Server	Linked vCenter Servers	Bi-directional LDAP authentication with Kerberos encryption on TCP port 389 is required between all vCenters that need to replicate.
vCenter 4.x	443	TCP	vCenter Server	ESX/ESXi Host	vCenter Agent
vCenter 4.x	443	TCP	vCenter Server	ESX/ESXi 4.x	Host DPM with HP iLO Remote Management and Control Protocol
vCenter 4.x	443	TCP	Client PC	vCenter Server	VI Web Access (Web Browser)
vCenter 4.x	443	TCP	vSphere Client	vCenter Server	vSphere Client access to vCenter Server
vCenter 4.x	445	TCP	vCenter Server	Active Directory Server	AD Authentication
vCenter 4.x	445	UDP	vCenter Server	Active Directory Server	AD Authentication
vCenter 4.x	623	UDP	vCenter Server	ESX/ESXi 4.x Host	DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 4.x	636	TCP	vCenter Server	Linked vCenter Servers	Linked mode connectivity between vCenter Servers
vCenter 4.x	902	TCP/UDP	vCenter Server	ESX/ESXi Host	Heartbeat
vCenter 4.x	902	TCP/UDP	ESX/ESXi Host	vCenter Server	Heartbeat
vCenter 4.x	903	TCP	Client PC	vCenter Server	VI/vSphere Client to VM Console
vCenter 4.x	902	TCP	vCenter Server	ESX/ESXi Host	VI/vSphere Client to VM Console (after connection established between VI/vSphere Client and vCenter)
vCenter 4.x	> 1024 (dynamic)	RPC	Linked vCenter Servers	Linked vCenter Servers	Bi-directional RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM). A VIC still needs a direct connection to all vCenters that own an object it needs to manage.
vCenter 4.x	1433	TCP	vCenter Server	Microsoft SQL Server	For vCenter Microsoft SQL Server Database
vCenter 4.x	1521	TCP	vCenter Server	Oracle Database Server	For vCenter Oracle Database
vCenter 4.x	5989	TCP	vCenter Server	ESX/ESXi Host	vCenter to ESX
vCenter 4.x	5989	TCP	ESX/ESXi Host	vCenter Server	ESX to vCenter
vCenter 4.x	8005	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 4.x	8006	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 4.x	8080	TCP	Client PC	vCenter Server 4.x	VMware vCenter 4 Management Web Services - HTTP
vCenter 4.x	8083	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 4.x	8085	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 4.x	8086	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 4.x	8087	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 4.x	8443	TCP	Client PC	vCenter Server 4.x	VMware vCenter 4 Management Web Services - HTTPS
vCenter 4.x	8443	TCP	vCenter Server	vCenter Server	Linked Mode
vCenter 4.x	27000	TCP	vCenter Server	VMware License Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x	27000	TCP	VMware License Server	vCenter Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x	27010	TCP	vCenter Server	VMware License Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.x	27010	TCP	VMware License Server	vCenter Server	Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported
vCenter 4.1	60099	TCP	vCenter Server	vCenter Server Services	This port is for internal communication between vCenter Server and its solutions. Specifically, it is used to exchange messages about inventory. If you do not have it open, a solution that integrates with vCenter Server using this service may be affected.
vCenter 5.x	25	TCP	vCenter Server	SMTP Server	Email notifications
vCenter 5.x	53	UDP	vCenter Server	DNS Server	DNS lookups
vCenter 5.x	80	TCP	Client PC	vCenter Server	vCenter Server requires port 80 for direct HTTP connections.
vCenter 5.x	80	TCP	vCenter Server	ESXi 5.x	DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 5.x	88	UDP	vCenter Server	Active Directory Server	AD Authentication
vCenter 5.x	88	TCP	vCenter Server	Active Directory Server	AD Authentication
vCenter 5.x	135	TCP	vCenter Server	vCenter Server	Linked Mode
vCenter 5.x	161	UDP	SNMP Server	vCenter Server	SNMP Polling
vCenter 5.x	162	UDP	vCenter Server	SNMP Server	SNMP Trap Send
vCenter 5.x	389	TCP/UDP	vCenter Server	Linked vCenter Servers	This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, you can run the LDAP service on any port from 1025 through 65535.
vCenter 5.x	443	TCP	vSphere Client	vCenter Server	vCenter Server system uses to listen for connections from the vSphere Client.
vCenter 5.x	443	TCP	vCenter Server	ESXi 5.x	vCenter Agent. Host DPM with HP iLO Remote Management and Control Protocol
vCenter 5.x	623	UDP	vCenter Server	ESXi 5.x	DPM with IPMI (iLO/BMC) ASF Remote Management and Control Protocol
vCenter 5.x	636	TCP	vCenter Servers	Linked vCenter Servers	vCenter Server Linked Mode, this is the SSL port of the local instance.
vCenter 5.x	902	TCP	vCenter Server	ESXi 5.x	vCenter Server system uses to send data to managed hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts.
vCenter 5.x	902	UDP	vCenter Server	ESXi 5.x	Managed hosts send a regular heartbeat to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts.
vCenter 5.x	902	TCP/UDP	vSphere Client	ESXi 5.x	vSphere Client uses this ports to display virtual machine consoles.
vCenter 5.x	902	TCP/UDP	ESXi 5.x	ESXi 5.x	Host access to other hosts for migration and provisioning
vCenter 5.x	903	TCP	vSphere Client	ESXi 5.x	Remote console traffic generated by user access to virtual machines on a specific host.
vCenter 5.x	1433	TCP	vCenter Server	Microsoft SQL Server	For vCenter Microsoft SQL Server Database
vCenter 5.x	1521	TCP	vCenter Server	Oracle Database Server	For vCenter Oracle Database
vCenter 5.x	5988	TCP	ESXi 5.x	vCenter Server	CIM transactions over HTTP
vCenter 5.x	5989	TCP	vCenter Server	ESXi 5.x	CIM XML transactions over HTTPS
vCenter 5.x	5989	TCP	ESXi 5.x	vCenter Server	CIM XML transactions over HTTPS
vCenter 5.x	8000	TCP	vCenter Server	ESXi 5.x	Requests from vMotion
vCenter 5.x	8005	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 5.x	8006	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 5.x	8080	TCP	Client PC	vCenter Server	Web Services HTTP. Used for the VMware VirtualCenter Management Web Services.
vCenter 5.x	8083	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 5.x	8085	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 5.x	8086	TCP	vCenter Server	vCenter Server	Internal Communication Port
vCenter 5.x	8087	TCP	vCenter Server	vCenter Server	Internal Service Diagnostics
vCenter 5.x	8443	TCP	Client PC	vCenter Server	Web Services HTTPS. Used for the VMware VirtualCenter Management Web Services.
vCenter 5.x	8443	TCP	vCenter Server	vCenter Server	Linked Mode
vCenter 5.x	9443	TCP	Client PC	vCenter Server	vSphere Web Client Access
vCenter 5.x	10109	TCP	vCenter Server	vCenter Server	vCenter Inventory Service Service Management
vCenter 5.x	10111	TCP	vCenter Server	vCenter Server	vCenter Inventory Service Linked Mode Communication
vCenter 5.x	10443	TCP	Client PC	vCenter Server	vCenter Inventory Service HTTPS
vCenter 5.x	51915	TCP	ESXi	vSphere Authentication Proxy	This is a web service, which is used to add host to Active Directory domain.
vCenter 5.x	60099	TCP	vCenter Server	vCenter Server	Web Service change service notification port
vCloud Usage Meter	80	TCP	vCloud Usage Meter	vCenter Server	This is for vSphere API
vCloud Usage Meter	443	TCP	vCloud Usage Meter	vCenter Server	This is for vSphere API
vCloud Usage Meter	5480	TCP	vCenter Update Manager	vCloud Usage Meter	This is used for virtual appliance updates
vCloud Usage Meter	8443	TCP	Client Browser	vCloud Usage Meter	This is for WebApp
vCenter Operations Standard 1.x	22	TCP	vCenter Operations Standard	Virtual appliance	Must be open to enable SSH access to the vCenter Operations Standard virtual appliance
vCenter Operations Standard 1.x	443	TCP	vCenter Operations Standard	Virtual appliance	HTTPS server port for the vCenter Operations Standard Administration page
vCenter Operations Standard 1.x	5480	TCP	vCenter Operations Standard	Virtual appliance	HTTPS server port for the VMware Studio Web console to administer the virtual appliance
View 3.x	3389	TCP	Thin Client	ESX host	RDP Protocol
View 3.x	18443	TCP	View Connection Server/View Manager	vCenter Server	View Composer
View 3.x	32111	TCP	View Agent (Virtual Desktop)	View Client	USB Device Communication
View 3.x	32111	TCP	View Client	View Agent (Virtual Desktop)	USB Device Communication
View 4.0.x	902	TCP	View Client/View Client with Offline Desktop	ESX Host	(Optional) View Client with Offline Desktop data is downloaded and uploaded through this port.
View 4.0.x	3268	TCP	View/VDM Connection Server/View Manager	Active Directory Server	Global Catalog Server
View 4.0.x	3269	TCP	View/VDM Connection Server/View Manager	Active Directory Server	Global Catalog Server
View 4.0.x	3389	TCP	Thin Client	ESX host	RDP Protocol
View 4.0.x	9427	TCP	View Client/View Client with Offline Desktop	View Agent (Virtual Desktop)	(Optional) Multimedia Redirection (MMR). MMR is supported by View Client and View Client with Offline Desktop on certain operating systems.
View 4.0.x	18443	TCP	View Connection Server/View Manager	vCenter Server	View Composer
View 4.0.x	50002	TCP/UDP	View Agent (Virtual Desktop)	View Client	PCoIP (AES 128-bit encryption)
View 4.0.x	50002	TCP/UDP	View Client	View Agent (Virtual Desktop)	PCoIP (AES 128-bit encryption)
View 4.5.x	-	-	-	-	Complete details are available here
View 4.5.x	80/443	TCP	View Client with Local Mode	View Transfer Server	HTTP(S) access via direct connection for downloading and uploading Local Mode data
View 4.5.x	80/443	TCP	Security Server	View Transfer Server	HTTP(S) access via tunnel connection for downloading and uploading Local Mode data
View 4.5.x	902	TCP	View Connection Server	ESX Host	Used when checking out local desktops. Must be accessible on your ESX host when using View Client with Local Mode.
View 4.5.x	902	TCP	View Transfer Server	ESX Host	Publishing View Composer packages for Local Mode
View 4.5.x	4001	TCP	View Connection Server	View Transfer Server	Required by JMS for Local Mode
View 4.5.x	4172	TCP/UDP	View Agent (Virtual Desktop)	View Client	PCoIP (AES 128-bit encryption)
View 4.5.x	4172	TCP/UDP	View Client	View Agent (Virtual Desktop)	PCoIP (AES 128-bit encryption)
View 4.6.x	-	-	-	-	Complete details are available here
View 4.6.x	80/443	TCP	View Client with Local Mode	View Transfer Server	HTTP(S) access via direct connection for downloading and uploading Local Mode data
View 4.6.x	80/443	TCP	Security Server	View Transfer Server	HTTP(S) access via direct connection for downloading and uploading Local Mode data
View 4.6.x	902	TCP	View Connection Server	ESX Host	Used when checking out local desktops. Must be accessible on your ESX host when using View Client with Local Mode.
View 4.6.x	902	TCP	View Transfer Server	ESX Host	Publishing View Composer packages for Local Mode
View 4.6.x	4001	TCP	View Connection Server	View Transfer Server	Required by JMS for Local Mode
View 4.6.x	4172	TCP/UDP	View Agent (Virtual Desktop)	View Client	PCoIP (AES 128-bit encryption)
View 4.6.x	4172	TCP/UDP	View Client	View Agent (Virtual Desktop)	PCoIP (AES 128-bit encryption)
View/VDM 2.x	80	TCP	View/VDM Client	View/VDM Security Server	VDM Access (not required if only HTTPS is to be supported)
View/VDM 2.x	80	TCP	Client PC	View/VDM Security Server	VDM Web Access (not required if only HTTPS is to be supported). The Security Server used as a proxy in a DMZ to allow for external connections in. The View Manager/Connection Broker has an ADAM instance on it.
View/VDM 2.x	80	TCP	View/VDM Client	View/VDM Connection Server	VDM Access (not required if only HTTPS is to be supported)
View/VDM 2.x	80	TCP	Client PC	View/VDM Connection Server	VDM Web Access (not required if only HTTPS is to be supported).
View/VDM 2.x	88	UDP	View/VDM Connection Server/View Manager	Active Directory Server	AD Authentication
View/VDM 2.x	88	TCP	View/VDM Connection Server/View Manager	Active Directory Server	AD Authentication
View/VDM 2.x	389	TCP/UDP	View/VDM Connection Server/View Manager	LDAP Server	LDAP Authentication
View/VDM 2.x	443	TCP	View/VDM Client	View/VDM Security Server	VDM Access
View/VDM 2.x	443	TCP	Client PC	View/VDM Connection Server/View Manager	VDM Web Access and VDM Administration
View/VDM 2.x	443	TCP	Thin Client	View/VDM Connection Server/View Manager	VDM API
View/VDM 2.x	443	TCP	View/VDM Client	View/VDM Connection Server/View Manager	VDM Access
View/VDM 2.x	443	TCP	Client PC	View/VDM Security Server	VDM Web Access (Web Browser)
View/VDM 2.x	443	TCP	View/VDM Connection Server/View Manager	vCenter Server	VDM to vCenter communication
View/VDM 2.x	445	UDP	View/VDM Connection Server/View Manager	Active Directory Server	AD Authentication
View/VDM 2.x	445	TCP	View/VDM Connection Server/View Manager	Active Directory Server	AD Authentication
View/VDM 2.x	1024 to 65535	TCP	View/VDM Connection Server/View Manager	Virtual Desktop VM (View/VDM Agent)	Ephemeral Ports. A short-lived connection between View Manager and the virtual desktop
View/VDM 2.x	1024 to 65535	TCP	View/VDM Connection Server/View Manager	View/VDM Connection Server/View Manager	This is required for ADAM replication between VDM Connection Servers. With a Registry entry, this can be fixed to a defined set of ports, but by default it is a random TCP high port
View/VDM 2.x	3389	TCP	View/VDM Security Server	Virtual Desktop VM (View/VDM Agent)	Tunneled RDP Connection (RSA RC4 encryption, can be set High/Medium/Low) High: Encrypts both the data sent from client to server and the data sent from server to client using a 128-bit key. Medium: Encrypts both the data sent from client to server and the data sent from server to client using a 56-bit key if the client is a Windows 2000 or above client, or a 40-bit key if the client is an earlier version. Low: Encrypts only the data sent from client to server, using either a 56- or 40-bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server.
View/VDM 2.x	3389	TCP	Client PC/Thin Client/View/VDM Client	Virtual Desktop VM (View/VDM Agent)	Direct RDP Connection (RSA RC4 encryption, can be set High/Medium/Low). High: Encrypts both the data sent from client to server and the data sent from server to client using a 128-bit key. Medium: Encrypts both the data sent from client to server and the data sent from server to client using a 56-bit key if the client is a Windows 2000 or above client, or a 40-bit key if the client is an earlier version. Low: Encrypts only the data sent from client to server, using either a 56- or 40-bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server.
View/VDM 2.x	4001	TCP	View/VDM Security Server	View/VDM Connection Server/View Manager	Java Messenger Service (JMS)
View/VDM 2.x	4001	TCP	View/VDM Connection Server/View Manager	View/VDM Security Server	Java Messenger Service (JMS)
View/VDM 2.x	4001	TCP	Virtual Desktop VM (View/VDM Agent)	View/VDM Connection Server/View Manager	Java Messenger Service (JMS)
View/VDM 2.x	4100	TCP	View/VDM Connection Server/View Manager	View/VDM Connection Server/View Manager	Java Messenger Service (JMS) inter-router traffic
View/VDM 2.x	8009	TCP	View/VDM Security Server	View/VDM Connection Server/View Manager	Apache Jserv Protocol (AJP)
View/VDM 2.x	8009	TCP	View/VDM Connection Server/View Manager	View/VDM Security Server	Apache Jserv Protocol (AJP)
View/VDM 2.x	42966	TCP	View Client/View Client with Offline Desktop	ESX Host	(Optional) Hewlett-Packard RGS Sender Application is the server-side component of the HP RGS remote display protocol
vSphere Management Assistant	443	TCP	vSphere Management Assistant	ESX Host	For SDK traffic

Update History

02/15/2012 - Updated information on ESXi 5.x vSphere HA. 02/10/2012 - Added information on DVS ports for ESX/ESXi. 02/15/2010 - Expanded and updated port information for Local Mode in View 4.5.x. 06/03/2010 - Added port 8095 and 8096 as additional ports required for Site Recovery Manager. For port 1526 and 5000, changed the source to Site Recovery Manager from vCenter server. 09/17/2010 - Added entries for new PCoIP port numbers in View 4.5. 09/30/2010 - Corrected internal hotlinks. 01/11/2011 - Added TCP port 80 and 443 entries for vCenter 4.x; Corrected source and destination for Update Manager TCP port 9084. 01/17/2011 - Added entries for VMware vCenter Server Heartbeat. 03/24/2011 - Added port information for View 4.6.x, and vCenter Operations Standard. 03/26/2011 - Added entries for vCenter Operations Standard and View 4.5 03/29/2011 - Added TCP data port 8244 required for vCO Server/Client connection. Corrected VDR TCP port 443 information. 05/02/2011 - Corrected the vMA port details. Changed it to 443 from 44. 07/21/2011 - Updated View 4.5 and View 4.6. 09/28/2011 - Added entries for port 31100, 31000 and 51915 for vSphere 5. 09/28/2011 - Edited for port 903 which was showing as port 902 earlier. Switched the source as vSphere Client and target as ESXi 5. 10/05/2011 - Added vCloud Usage Meter product and the relevant ports in the list. 10/14/2011 - Added information on vCloud Usage Meter. 10/17/2011 - Added information on ports 31000, 31100 and 51915 11/23/2011 - Added port information for Auto Deploy Server and ESXi Dump Collector 11/30/2011 - Added information about AD ports for ESXi 4.x and 5.x 12/09/2011 - Corrected protocol to UDP for ports 389, 6500 12/14/2011 - Added Converter 5.x in resolution

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

1 2 3 4 5

1 2 3 4 5

Actions

Bookmark Document

Did this article help you?
This article resolved my issue. This article did not resolve my issue. This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)