Search the VMware Knowledge Base (KB)
View by Article ID

Which ports are required for vShield Zones operation? (1011352)

  • 3 Ratings


Communication between the vShield Manager and vShield agents, as well as between a client PC and the vShield Manager, requires open ports for the exchange of configuration and reporting data.

Clear-text communication occurs only between the vShield Manager and a vShield agent to log syslog or SNMP trap messages on Network Management Software (NMS) servers and when passing Network Time Protocol (NTP) traffic.


The following ports are required for vShield Zones operation.

Application Protocol (Transport Protocol)
vShield Manager to vShield agent All communication passing from the vShield Manager to vShield agents, including initial connection. When connecting to vShield agents, the vShield Manager initiates and maintains a secure communication channel using SSH encryption. All vShield agent configuration propagations and health checks occur over this secure channel. For the vShield Manager to be able to establish a connection with a vShield agent, each vShield agent must be configured with a unique encryption key, which is stored in hashed format on the vShield Manager and the vShield agent for added security.
Time synchronization
PC to vShield Manager
Administrators can access the vShield Manager user interface by using a Hyper Text Transfer Protocol Secure (HTTPS) Web browser session. This ensures that network communication to the vShield Manager user interface is secure, and sensitive configuration information between your Web browser and the vShield Manager does not show up as clear text in the network.
vShield agent to vShield Manager vShield Zones utilizes port 1162 to send SNMP trap messages from vShield agents to the vShield Manager. All other statistics, including memory and CPU, use port 22. The well-known SNMP port over UDP is 162; vShield Zones utilizes a custom SNMP port.


vshield-zones-port-requirements  vshield-zones-minimum-requirements  vshield-zones

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 3 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)

Please enter the Captcha code before clicking Submit.
  • 3 Ratings