Required ports for vCenter Server 5.1.x
Article ID: 328314
Updated On:
Products
VMware
Issue/Introduction
Symptoms:
This article provides information on the required ports for vCenter Server 5.1.x.
Note: For information on the required ports for the vCenter Server Appliance 5.x, see Required ports for vCenter Server Appliance 5.x (2012773).
This article provides information on the required ports for vCenter Server 5.1.x.
Note: For information on the required ports for the vCenter Server Appliance 5.x, see Required ports for vCenter Server Appliance 5.x (2012773).
Resolution
The VMware vCenter Server system must be able to send data to every managed host and receive data from every vSphere Client. To enable migration and provisioning activities between managed hosts, the source and destination hosts must be able to receive data from each other.
VMware uses designated ports for communication. Additionally, the managed hosts monitor designated ports for data from the vCenter Server system. If a firewall exists between any of these elements and the Windows firewall service is in use, the installer opens the ports during the installation process. For custom firewalls, you must manually open the required ports. If you have a firewall between two managed hosts and you want to perform source or target activities such as migration or cloning, you must configure a means for the managed hosts to receive data.
Note: In Microsoft Windows Server 2008, a firewall is enabled by default.
This table outlines the ports required for communication between components:
VMware uses designated ports for communication. Additionally, the managed hosts monitor designated ports for data from the vCenter Server system. If a firewall exists between any of these elements and the Windows firewall service is in use, the installer opens the ports during the installation process. For custom firewalls, you must manually open the required ports. If you have a firewall between two managed hosts and you want to perform source or target activities such as migration or cloning, you must configure a means for the managed hosts to receive data.
Note: In Microsoft Windows Server 2008, a firewall is enabled by default.
This table outlines the ports required for communication between components:
| Port | Protocol | Description |
| 80 | TCP | vCenter Server requires port 80 for direct HTTP connections. Port 80 redirects requests to HTTPS port 443. This redirection is useful if you accidentally use http://server/ instead of https://server/.Note: Microsoft Internet Information Services (IIS) also use port 80. For more information, see Conflict Between vCenter Server and IIS for Port 80 in the vSphere Installation and Setup guide. |
| 389 | TCP/UDP | This port must be open on the local and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the LDAP service on any port from 1025 through 65535. If this instance is serving as the Microsoft Windows Active Directory, change the port number from 389 to an available port from 1025 through 65535. |
| 443 | TCP | The default port that the vCenter Server system uses to listen for connections from the vSphere Client. To enable the vCenter Server system to receive data from the vSphere Client, open port 443 in the firewall. The vCenter Server system also uses port 443 to monitor data transfer from SDK clients. If you use another port number for HTTPS, you must use ip-address:port when you log in to the vCenter Server system. |
| 902 | TCP/UDP | The default port that the vCenter Server system uses to send data to managed hosts. Managed hosts also send a regular heartbeat over UDP port 902 to the vCenter Server system. The port is also used for transmitting virtual machine consoles for ESXi 4.x and 5.x hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts. |
| 903 | TCP | Port 903 must be open between the vSphere Client and ESX / ESXi hosts. The vSphere Client uses this port to display virtual machine consoles on ESX / ESXi hosts. |
| 8080 | TCP | Web Services HTTP. Used for the VMware VirtualCenter Management Web Services. |
| 8085 | TCP | Internal Service Diagnostics/SDK |
| 8443 | TCP | Web Services HTTPS. Used for the VMware VirtualCenter Management Web Services. |
| 60099 | TCP | Web Service change service notification port |
| 6501 | TCP | Auto Deploy Service |
| 6502 | TCP | Auto Deploy management |
| 7444 | TCP | vCenter Single Sign-On HTTPS |
| 7005 | TCP | vCenter Single Sign-On Base shutdown port |
| 7080 | TCP | vCenter Single Sign-On HTTP port |
| 7009 | TCP | vCenter Single Sign-On AJP port. For more information, see Configuring VMware Tomcat Server Settings in vCenter Server 5.1. |
| 9443 | TCP | vSphere Web Client HTTPS |
| 9090 | TCP | vSphere Web Client HTTP |
| 9875 - 9877 | TCP | vSphere Web Client Java Management Extension (JMX). Dynamically acquired upon the vSphere Web Client service starting. |
| 10080 | TCP | vCenter Inventory Service HTTP |
| 10443 | TCP | vCenter Inventory Service HTTPS |
Note: To have the vCenter Server system use a different port to receive vSphere Client data, see the vCenter Server and Host Management documentation. For a discussion of firewall configuration, see the vSphere Security Guide.
vCenter Server 5.5 Linked Mode specific ports:
This table contains the ports that need to opened through the firewall for Linked Mode.
Note: All ports need to be opened for bi-directional communication.
Note: All ports need to be opened for bi-directional communication.
| Port | Protocol | Description |
| 135 | TCP/UDP | Used by ADAM for RPC communications between vCenter Servers in Linked Mode. |
| 389 | TCP/UDP | This port must be open in the local and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the LDAP service on any port from 1025 through 65535. If this instance is serving as the Microsoft Windows Active Directory, change the port number from 389 to an available port from 1025 through 65535. |
| 636 | TCP | This is the SSL port of the local instance for vCenter Server Linked Mode. If another service is running on this port, it might be preferable to remove it or change its port. You can run the SSL service on any port from 1025 through 65535. |
| 1024 | TCP | RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM). |
| 7500 | UDP | vCenter Inventory Service Groups diagnostics port for Inventory Service instances. |
| 8443 | TCP | VMware Web Management Services Linked Mode Communication port. |
| 10111 | TCP | vCenter Inventory Service Linked Mode Communication. |
| 10443 | TCP | vCenter Inventory Service Linked Mode Communication between Inventory Service instances. This can be changed during the vCenter Server installation and should be adjusted in the firewall settings as needed. |
Note: For more information on the ports used for ADAM, see Network Ports Used by ADAM.
Additional Information
For information on port requirements for vCenter Server 5.0, see Required ports for vCenter Server 5.0 (2005105).TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, and other network components
Required ports for vCenter Server 5.0
Required ports for vCenter Server Appliance 5.x
Network port diagram for vSphere 5.x
vCenter Server 5.1.x に必要とされるポート
vCenter Server 5.1.x 所需的端口
Troubleshooting virtual machine console and MKS issues in the vSphere Client
Required ports for vCenter Server 5.0
Required ports for vCenter Server Appliance 5.x
Network port diagram for vSphere 5.x
vCenter Server 5.1.x に必要とされるポート
vCenter Server 5.1.x 所需的端口
Troubleshooting virtual machine console and MKS issues in the vSphere Client
Feedback
Yes
No
Powered by
