OPERATIONAL DEFECT DATABASE
...
...
This article lists the TCP and UDP ports required for VMware vCenter Server.
vCenter Server 6.5 - vCenter Server 8.0 The information has moved. Please refer to VMware Ports and Protocols for a comprehensive list of the TCP and UDP ports required for current vSphere versions. vCenter Server 5.x - vCenter Server 6.0 ProductPortProtocolSourceTargetPurposeHeartbeat52267TCPvCenter Server Heartbeat ConsolevCenter Server Heartbeat ServerClient Connection PortHeartbeat57348TCPvCenter Server Primary ServervCenter Server Secondary ServerDefault Channel Port to communicate between Primary and Secondary servervCenter Server 5.x25TCPvCenter ServerSMTP ServerEmail notificationsvCenter Server 5.x53UDPvCenter ServerDNS ServerDNS lookupsvCenter Server 5.x80TCPClient PCvCenter ServervCenter Server requires port 80 for direct HTTP connections.vCenter Server 5.x80TCPvCenter ServerESXi 5.xDPM with IPMI (iLO/BMC) ASF Remote Management and Control ProtocolvCenter Server 5.x88UDPvCenter ServerActive Directory ServerAD AuthenticationvCenter Server 5.x88TCPvCenter ServerActive Directory ServerAD AuthenticationvCenter Server 5.x135TCPvCenter ServervCenter ServerUsed by ADAM for RPC communications between vCenter Servers in Linked Mode.vCenter Server 5.x161UDPSNMP ServervCenter ServerSNMP PollingvCenter Server 5.x162UDPvCenter ServerSNMP ServerSNMP Trap SendvCenter Server 5.x389TCP/UDPvCenter ServerLinked vCenter ServersThis port must be open in the local and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. The vCenter Server system needs to bind to port 389, even if you are not joining this vCenter Server instance to a Linked Mode group. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the LDAP service on any port from 1025 through 65535.vCenter Server 5.x443TCPvSphere ClientvCenter ServervCenter Server system uses to listen for connections from the vSphere Client.vCenter Server 5.x443TCPvCenter ServerESXi 5.xvCenter Agent. Host DPM with HP iLO Remote Management and Control ProtocolvCenter Server 5.x623UDPvCenter ServerESXi 5.xDPM with IPMI (iLO/BMC) ASF Remote Management and Control ProtocolvCenter Server 5.x636TCPvCenter ServersLinked vCenter ServersThis is the SSL port of the local instance for vCenter Server Linked Mode. If another service is running on this port, it might be preferable to remove it or change its port. You can run the SSL service on any port from 1025 through 65535.vCenter Server 5.x902TCPvCenter ServerESXi 5.xvCenter Server system uses to send data to managed hosts. This port must not be blocked by firewalls between the server and the hosts or between hosts.vCenter Server 5.x902TCP/UDPvSphere ClientESXi 5.xvSphere Client uses this ports to display virtual machine consoles.vCenter Server 5.x902TCP/UDPESXi 5.xESXi 5.xHost access to other hosts for migration and provisioningvCenter Server 5.x1024 (dynamic)RPCLinked vCenter ServersLinked vCenter ServersBi-directional RPC communication on dynamic TCP ports is required between all vCenters that need to replicate (via ADAM).vCenter Server 5.x1433TCPvCenter ServerMicrosoft SQL ServerFor vCenter Microsoft SQL Server DatabasevCenter Server 5.x1521TCPvCenter ServerOracle Database ServerFor vCenter Oracle DatabasevCenter Server 5.x5988TCPESXi 5.xvCenter ServerCIM transactions over HTTPvCenter Server 5.x5989TCPvCenter ServerESXi 5.xCIM XML transactions over HTTPSvCenter Server 5.x5989TCPESXi 5.xvCenter ServerCIM XML transactions over HTTPSvCenter Server 5.x7500UDPvCenter ServerLinked vCenter ServersvCenter Inventory Service Groups diagnostics port for Inventory Service instances.vCenter Server 5.x8005TCPvCenter ServervCenter ServerInternal Communication PortvCenter Server 5.x8006TCPvCenter ServervCenter ServerInternal Communication PortvCenter Server 5.x8009TCPvCenter ServervCenter ServerAJP PortvCenter Server 5.x8080TCPClient PCvCenter ServerWeb Services HTTP. Used for the VMware VirtualCenter Management Web ServicesvCenter Server 5.x8083TCPvCenter ServervCenter ServerInternal Service DiagnosticsvCenter Server 5.x8085TCPvCenter ServervCenter ServerInternal Service Diagnostics/SDKvCenter Server 5.x8086TCPvCenter ServervCenter ServerInternal Communication PortvCenter Server 5.x8087TCPvCenter ServervCenter ServerInternal Service DiagnosticsvCenter Server 5.x8089TCPvCenter ServervCenter ServerSDK Tunneling PortvCenter Server 5.x8443TCPClient PCLinked vCenter ServersWeb Services HTTPS. Used for the VMware VirtualCenter Management Web Services.vCenter Server 5.x8443TCPvCenter ServervCenter ServerVMware Web Management Services Linked Mode Communication portvCenter Server 5.x9443TCPClient PCvCenter ServervSphere Web Client AccessvCenter Server 5.x10111TCPvCenter ServerLinked vCenter ServersvCenter Inventory Service Linked Mode CommunicationvCenter Server 5.x10443TCPClient PCLinked vCenter ServersvCenter Inventory Service Linked Mode Communication between Inventory Service instances.This can be changed during the vCenter Server installation and should be adjusted in the firewall settings as needed.vCenter Server 5.x51915TCPESXivSphere Authentication ProxyThis is a web service, which is used to add host to Active Directory domain.vCenter Server 5.x60099TCPvCenter ServervCenter ServerWeb Service change service notification portvCenter Server 5.17005TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnBase shutdown port.For more information, see Configuring VMware Tomcat Server Settings in vCenter Server 5.1.vCenter Server 5.17080TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnHTTP PortvCenter Server 5.17009TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnAJP PortvCenter Server 5.149152 to 65535TCPActive DirectoryvCenter ServerAllow Active Directory authentication/communication between domain controllers and vCenter Server.vCenter Server 5.1/5.57444TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnLookup Service, HTTPS PortvCenter Server 5.1/5.58003TCPvCenter Server (Tomcat Server settings)vCenter Server Management Web ServicesvCenter Server Management Web Service shutdownvCenter Server 5.531000 to 32999TCPvCenter Single Sign-OnvCenter Single Sign-OnInternal Communication Ports for VMware Secure Token Service, which uses two available ports. One port from the 31000 to 31999 range and one port from the 32000 to 32999 range.vCenter Server 5.588TCPvCenter ServervCenter Single Sign-OnKdc ServicevCenter Server 5.52012TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnDirectory ServicevCenter Server 5.52013TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnKdc ServicevCenter Server 5.52014TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnVMware Certificate Service inter-communications with vCenter Single Sign-OnvCenter Server 5.56501TCPAuto Deploy serviceESXi HostAuto Deploy ServicevCenter Server 5.56502TCPAuto Deploy ManagervSphere ClientAuto Deploy Manager ServicevCenter Server 5.57331TCPvSphere Web ClientvCenter Server (Tomcat Server settings)HTML5 remote console for virtual machinesvCenter Server 5.5 Update 2 and later7343TCPvSphere Web ClientvCenter Server (Tomcat Server settings)HTML5 remote console for virtual machines, HTTPSvCenter Server 5.57444TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnLookup Service, HTTPS portvCenter Server 5.58190TCPvCenter ServervCenter ServerStorage Policy Server HTTPvCenter Server 5.58191TCPvCenter ServervCenter ServerStorage Policy Server HTTPSvCenter 5.59875-9877TCPvSphere Web ClientvSphere Web ClientvSphere Web Client Java Management Extension (JMX). Dynamically acquired upon the vSphere Web Client service starting.vCenter Server 5.59090TCPvSphere Web Client HTTPvSphere Web ClientHTTP redirect to HTTPSvCenter Server 5.511711TCPvCenter Single Sign-OnvCenter Single Sign-OnDirectory service LDAP use for replication between vCenter Single Sign-On nodesvCenter Server 5.511712TCPvCenter Single Sign-OnvCenter Single Sign-OnDirectory service LDAPS use for replication between vCenter Single Sign-On nodesvCenter Server 5.512721TCPvCenter Single Sign-OnvCenter Single Sign-OnIdentity Management Service (IDM) internal client/server communication port.Used by VMware Identity Management Service.vCenter Server 5.512443TCPLog BrowservCenter ServerLog BrowservCenter Server 5.522000TCPvCenter ServervCenter ServervCenter Server Storage Monitoring Service HTTPvCenter Server 5.522100TCPvCenter ServervCenter ServervCenter Server Storage Monitoring Service HTTPSvCenter Server 5.531000TCPvCenter ServervCenter ServerVMware vSphere Profile-Driven Storage Service HTTPvCenter Server 5.531100TCPvCenter ServervCenter ServerVMware vSphere Profile-Driven Storage Service HTTPSvCenter Server 5.549000 to 65000TCPActive DirectoryvCenter ServerAllow Active Directory authentication/communication between domain controllers and vCenter Server.Used by the VMware Identity Management ServicevCenter Server 6.022TCP/UDPvCenter ServerSSH ClientSystem port for SSHD. This port is only used by the vCenter Server AppliancevCenter Server 6.080TCPClient PCvCenter ServervCenter Server requires port80for direct HTTP connections. Port80redirects requests to HTTPS port 443. This redirection is useful if you accidentally usehttp://serverinstead ofhttps://server. WS-Management (also requires port 443 to be open). If you use a Microsoft SQL database that is stored on the same virtual machine or physical server as vCenter Server, port 80 is used by the SQL Reporting Service. When you install or upgrade vCenter Server, the installer prompts you to change the HTTP port for vCenter Server. Change the vCenter Server HTTP port to a custom value to ensure a successful installation or upgrade.vCenter Server 6.088TCPvCenter ServerActive Directory ServerVMware key distribution center portvCenter Server 6.0389TCP/UDPvCenter ServerLinked vCenter ServersThis port must be open on the local and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the LDAP service on any port from 1025 through 65535.vCenter Server 6.0443TCPvSphere Web ClientvCenter ServerThe default port that the vCenter Server system uses to listen for connections from the vSphere Web Client. To enable the vCenter Server system to receive data from the vSphere Web Client, open port 443 in the firewall. The vCenter Server system also uses port 443 to monitor data transfer from SDK clients. Port 443 is also used for these services: WS-Management (also requires port 80 to be open) Third-party network management client connection to vCenter Server. Third-party network management clients access to hostvCenter Server 6.0514UDPSyslog CollectorSyslog CollectorvSphere Syslog Collector port for vCenter Server on Windows and vSphere Syslog Service port for vCenter Server AppliancevCenter Server 6.0636TCPPlatform Service ControllerManagement NodesFor vCenter Server Enhanced Linked Mode, this is the SSL port of the local instance. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the SSL service on any port from 1025through65535. This port is also used during install to verify SSL certificates.vCenter Server 6.0902TCP/UDPvCenter ServerESXi 6.0/5.xThe default port that the vCenter Server system uses to send data to managed hosts. Managed hosts also send a regular heartbeat over UDP port 902to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts. Port 902 must not be blocked between the vSphere Client and the hosts. The vSphere Client uses this port to display virtual machine consoles.vCenter Server 6.010080TCPvCenter ServerInventory ServicevCenter Server vCenter Inventory Service HTTPvCenter Server 6.01514TCP/UDPSyslog CollectorSyslog CollectorvSphere Syslog Collector TLS port for vCenter Server on Windows and vSphere Syslog Service TLS port for vCenter Server AppliancevCenter Server 6.02012TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnControl interface RPC for vCenter Single Sign-On(SSO).vCenter Server 6.02014TCPvCenter Server (Tomcat Server settings)vCenter Single Sign-OnRPC port for all VMCA (VMware Certificate Authority) APIs.vCenter Server 6.02020TCP/UDPvCenter ServervCenter ServerAuthentication framework managementvCenter Server 6.06500TCP/UDPvCenter ServerESXi hostESXi Dump Collector portvCenter Server 6.06501TCPAuto Deploy serviceESXi HostAuto Deploy servicevCenter Server 6.06502TCPAuto Deploy ManagervSphere ClientAuto Deploy managementvCenter Server 6.07444TCP Secure Token ServicevCenter Server 6.08009TCPvCenter ServervCenter ServerAJP PortvCenter Server 6.08089TCPvCenter ServervCenter ServerSDK Tunneling PortvCenter Server 6.09443TCPvSphere Web Client ServervSphere Web ClientvSphere Web Client HTTPSvCenter Server 6.011711TCPvCenter Single Sign-OnvCenter Single Sign-OnVMware Directory service (vmdir) LDAPvCenter Server 6.011712TCPvCenter Single Sign-OnvCenter Single Sign-OnVMware Directory service (vmdir) LDAPS
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
