Required ports for ESXi 5.1.x
ESXi must be able to send data to and receive data from every vSphere Client. If you are attaching your ESXi host to vCenter Server, additional ports are required. To enable migration and provisioning activities between managed hosts, the source and destination hosts must be able to receive data from each other.
If you are attaching your ESXi host to external storage components, such as an NFS or iSCSI device, or to management components, such as a syslog server or monitoring system, additional ports must be opened on the firewall for those connections.
Note: In Microsoft Windows Server 2008, a firewall is enabled by default.
This table outlines the ports required for communication between these components:
Port | Protocol | Source | Target | Description |
22 | TCP | Client PC | ESXi 5.1.x | SSH Server |
53 | UDP | ESXi 5.1.x | DNS Server | DNS Client |
68 | UDP | ESXi 5.1.x | DHCP Server | DHCP Client |
80 | TCP | Client PC | ESXi 5.1.x | Redirect Web Browser to HTTPS Service (443) |
88 | TCP | ESXi host | Active Directory Server | PAM Active Directory Authentication – Kerberos |
111 | TCP | ESXi/ESX host | NFS Server | NFS Client – RPC Portmapper |
111 | UDP | ESXi/ESX host | NFS Server | NFS Client – RPC Portmapper |
123 | UDP | ESXi/ESX host | NTP Time Server | NTP Client |
161 | UDP | SNMP Server | ESXi 4.x host | SNMP Polling. Not used in ESXi 3.x |
162 | UDP | ESXi host | SNMP Collector | SNMP Trap Send |
389 | TCP/UDP | ESXi host | LDAP Server | PAM Active Directory Authentication – Kerberos |
427 | UDP | vSphere Client | ESXi/ESX host | CIM Service Location Protocol (SLP) |
443 | TCP | vSphere Client | ESXi/ESX host | vSphere Client to ESXi/ESX host management connection |
443 | TCP | ESXi/ESX host | ESXi/ESX host | Host to host VM migration and provisioning |
445 | UDP | ESXi host | MS Directory Services Server | PAM Active Directory Authentication |
445 | TCP | ESXi host | MS Directory Services Server | PAM Active Directory Authentication |
445 | TCP | ESXi host | SMB Server | SMB Server |
464 | TCP | ESXi host | Active Directory Server | PAM Active Directory Authentication – Kerberos |
514 | TCP/UDP | ESXi 5.1.x | Syslog Server | Remote syslog logging |
902 | TCP/UDP | ESXi 5.1.x | ESXi 5.1.x | Host access to other hosts for migration and provisioning |
902 | UDP | ESXi 5.1.x | vSphere Client | (UDP) Status update (heartbeat) connection from ESXi to vCenter Server |
902 | TCP | vSphere Client | ESXi 5.1.x | vSphere Client access to virtual machine consoles (MKS) |
49152 to 65535 | TCP/UDP | ESXi host | Active Directory Server | Bi-directional communication on TCP/UDP ports is required between the ESXi host and the Active Directory Domain Controller (via the netlogond process on the ESXi host). For more information, see Active Directory and Active Directory Domain Services Port Requirements and the Microsoft Knowledge Base article 179442. |
2049 | TCP | ESXi 5.1.x | NFS Server | Transactions from NFS storage devices |
2049 | UDP | ESXi 5.1.x | NFS Server | Transactions from NFS storage devices |
3260 | TCP | ESXi 5.1.x | iSCSI storage server | Transactions to iSCSI storage devices |
5900 to 5964 | TCP | ESXi 5.1.x | ESXi 5.1.x | RFB protocol, which is used by management tools such as VNC |
5988 | TCP | CIM Server | ESXi 5.1.x | CIM transactions over HTTP |
5989 | TCP | vCenter Server | ESXi 5.1.x | CIM XML transactions over HTTPS |
5989 | TCP | ESXi 5.1.x | vCenter Server | CIM XML transactions over HTTPS |
8000 | TCP | ESXi 5.1.x (VM Target) | ESXi 5.1.x (VM Source) | Requests from vMotion |
8000 | TCP | ESXi 5.1.x (VM Source) | ESXi 5.1.x (VM Target) | Requests from vMotion |
8100 | TCP/UDP | ESXi 5.1.x | ESXi 5.1.x | Traffic between hosts for vSphere Fault Tolerance (FT) |
8182 | TCP/UDP | ESXi 5.1.x | ESXi 5.1.x | Traffic between hosts for vSphere High Availability (vSphere HA) |
8200 | TCP/UDP | ESXi 5.1.x | ESXi 5.1.x | Traffic between hosts for vSphere Fault Tolerance (FT) |
8301 | UDP | ESXi 5.1.x | ESXi 5.1.x | DVS port information |
8302 | UDP | ESXi 5.1.x | ESXi 5.1.x | DVS port information |
31100 | TCP | vCenter Server | SPS Server | Internal communication port |
31000 | TCP | SPS Server | vCenter Server | Internal communication port |
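
One way to use the table as a firewall allowlist, as an added example that is not part of the original article: the script parses rows in the table's pipe-delimited layout and flags observed flows that no row covers, treating direction as significant. The `FLOWS` records, the in/out/peer direction labels and all function names are assumptions made for illustration.

```python
# Added example. TABLE rows are copied from the table above; FLOWS is constructed.
TABLE = """\
Port | Protocol | Source | Target | Description |
22 | TCP | Client PC | ESXi 5.1.x | SSH Server |
443 | TCP | vSphere Client | ESXi/ESX host | vSphere Client to ESXi/ESX host management connection |
514 | TCP/UDP | ESXi 5.1.x | Syslog Server | Remote syslog logging |
3260 | TCP | ESXi 5.1.x | iSCSI storage server | Transactions to iSCSI storage devices |
5900 to 5964 | TCP | ESXi 5.1.x | ESXi 5.1.x | RFB protocol, which is used by management tools such as VNC |
31100 | TCP | vCenter Server | SPS Server | Internal communication port |
"""

def parse_rows(text):
    """Parse pipe-delimited rows into (low, high, protocols, source, target)."""
    rules = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().rstrip("|").split("|")]
        if len(cells) != 5 or not cells[0][:1].isdigit():
            continue  # header, blank or malformed line
        bounds = [int(p) for p in cells[0].split(" to ")]  # "5900 to 5964" or "22"
        protos = frozenset(cells[1].upper().split("/"))     # "TCP/UDP" -> both
        rules.append((bounds[0], bounds[-1], protos, cells[2], cells[3]))
    return rules

def direction(source, target):
    """Direction from the ESXi host's side: in, out, peer, or None if no host."""
    s, t = source.startswith("ESX"), target.startswith("ESX")
    return "peer" if s and t else "out" if s else "in" if t else None

def unexpected(flows, rules):
    """Return the flows (protocol, port, direction) that no table row covers."""
    flagged = []
    for proto, port, dirn in flows:
        covered = any(lo <= port <= hi and proto.upper() in protos
                      and direction(src, dst) == dirn
                      for lo, hi, protos, src, dst in rules)
        if not covered:
            flagged.append((proto, port, dirn))
    return flagged

RULES = parse_rows(TABLE)
# Constructed flow summaries, as seen from one host: (protocol, port, direction)
FLOWS = [("tcp", 443, "in"), ("udp", 514, "out"), ("tcp", 5901, "peer"),
         ("tcp", 5901, "in"), ("tcp", 3260, "in"), ("tcp", 23, "in"),
         ("tcp", 31100, "in")]

if __name__ == "__main__":
    for flow in unexpected(FLOWS, RULES):
        print("not in port table:", flow)
```

A row in the table states what a feature needs when it is in use, so a flow that matches a row for a feature the host does not use is still worth closing.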