Update November 30, 2015: this page is no longer actively updated, it is for historical reference only.
Please refer to VMware KB Article #1012382: TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, and other network components for an updated port list.
~ ~ ~ ~ ~
One of the recurring requests I hear from my clients is for a list of network ports that are used by VMware products (the request is usually preceded by the phrase “I was talking to the security group..” 🙂 ). Rather than hunt through each of the product manuals for this information, some colleagues of mine in the VMware Professional Services team put together the following list of ports. (It’s a big list, so I apologize for the formatting weirdness).
While this is still an “unofficial” list, I’ll try to update this as new products and updates come out as my time allows.
Update: Another colleague of mine from VMware has built a java based visual map version of this port list for vSphere 4.
| Product | Port | Protocol | Source | Target | Purpose |
| Consolidated Backup | 443 | TCP | VCB Proxy Server | vCenter Server | Required for VCB and vcbMounter communication and backup processes |
| Consolidated Backup | 443 | TCP | VCB Proxy Server | ESX/ESXi Host | Required for VCB and vcbMounter communication and backup processes |
| Converter 3.x + 4.x | 137 | UDP | vCenter Converter Server | Source Computer to be converted | For hot migration. Not required if the source computer does not use NetBIOS |
| Converter 3.x + 4.x | 138 | UDP | vCenter Converter Server | Source Computer to be converted | For hot migration. Not required if the source computer does not use NetBIOS |
| Converter 3.x + 4.x | 139 | TCP | vCenter Converter Server | Source Computer to be converted | For hot migration. Not required if the source computer does not use NetBIOS |
| Converter 3.x + 4.x | 443 | TCP | vCenter Converter Server | ESX/ESXi Host | Required for system conversion |
| Converter 3.x + 4.x | 443 | TCP | vCenter Converter Server | vCenter Server | Required if vCenter Server is the conversion target |
| Converter 3.x + 4.x | 443 | TCP | Source Computer to be converted | vCenter Server | Required if vCenter Server is the conversion target |
| Converter 3.x + 4.x | 443 | TCP | Source Computer to be converted | ESX/ESXi Host | Required for destination VM access when target is ESX/ESXi/vCenter |
| Converter 3.x + 4.x | 445 | TCP | vCenter Converter Server | Source Computer to be converted | Required for system conversion. Not required if the source computer uses NetBIOS |
| Converter 3.x + 4.x | 902 | TCP | Source Computer to be converted | ESX/ESXi Host | Required for data transport during cloning of system to be converted to target ESX/ESXi Host |
| Converter 4.x only | 22 | TCP | vCenter Converter Server | Source Computer to be converted | Required for conversion of Linux-based source computers |
| Converter 4.x only | 22 | TCP | Helper Virtual Machine | Source Computer to be converted | Required for conversion of Linux-based source computers (data flows from source to VM) |
| Converter 4.x only | 443 | TCP | vCenter Converter Client | vCenter Converter Server | Only required if the Converter Client and Converter Server were installed on different systems |
| Converter 4.x only | 443 | TCP | vCenter Converter Server | Helper Virtual Machine | Required for conversion of Linux-based source computers |
| Converter 4.x only | 9089 | TCP | vCenter Converter Server | Source Computer to be converted | Required for system conversion. Remote agent deployment |
| Data Recovery | 22024 | TCP | Data Recovery vSphere Client Plug-in | Data Recovery Appliance | Data Recovery management |
| ESX 3.x + 4.x (not ESXi) | 21 | TCP | FTP Client | ESX Host | FTP |
| ESX 3.x + 4.x (not ESXi) | 21 | TCP | ESX Host | FTP Server | FTP |
| ESX 3.x + 4.x (not ESXi) | 22 | TCP | SSH Client | ESX Host | SSH |
| ESX 3.x + 4.x (not ESXi) | 22 | TCP | ESX Host | SSH Server | SSH |
| ESX 3.x + 4.x (not ESXi) | 88 | TCP | ESX Host | Active Directory Server | PAM Active Directory Authentication – Kerberos |
| ESX 3.x + 4.x (not ESXi) | 161 | UDP | SNMP Server | ESX Host | SNMP Polling |
| ESX 3.x + 4.x (not ESXi) | 389 | TCP | ESX Host | LDAP Server | PAM Active Directory Authentication – LDAP |
| ESX 3.x + 4.x (not ESXi) | 443 | TCP | Client PC | ESX Host | Host VI Management via web browser |
| ESX 3.x + 4.x (not ESXi) | 445 | TCP | ESX Host | MS Directory Services Server | PAM Active Directory Authentication |
| ESX 3.x + 4.x (not ESXi) | 445 | TCP | ESX Host | SMB Server | SMB |
| ESX 3.x + 4.x (not ESXi) | 445 | UDP | ESX Host | MS Directory Services Server | PAM Active Directory Authentication |
| ESX 3.x + 4.x (not ESXi) | 464 | TCP | ESX Host | Active Directory Server | PAM Active Directory Authentication – Kerberos Password Services |
| ESX 3.x + 4.x (not ESXi) | 137-139 | TCP | ESX Host | SMB Server | SMB |
| ESX/ESXi 3.x + 4.x | 53 | UDP | ESX/ESXi Host | DNS Server | DNS |
| ESX/ESXi 3.x + 4.x | 80 | TCP | Client PC | ESX/ESXi Host | Redirect Web Browser to HTTPS Service (443) |
| ESX/ESXi 3.x + 4.x | 111 | TCP | ESX/ESXi Host | NFS Server | NFS Client – RPC Portmapper |
| ESX/ESXi 3.x + 4.x | 111 | UDP | ESX/ESXi Host | NFS Server | NFS Client – RPC Portmapper |
| ESX/ESXi 3.x + 4.x | 123 | UDP | ESX/ESXi Host | NTP Time Server | NTP Client |
| ESX/ESXi 3.x + 4.x | 162 | UDP | ESX Host | SNMP Collector | SNMP Trap Send |
| ESX/ESXi 3.x + 4.x | 427 | TCP | ESX/ESXi Host | ESX/ESXi Host | CIM Service Location Protocol (SLP) |
| ESX/ESXi 3.x + 4.x | 427 | UDP | ESX/ESXi Host | ESX/ESXi Host | CIM Service Location Protocol (SLP) |
| ESX/ESXi 3.x + 4.x | 443 | TCP | VI/vSphere Client | ESX/ESXi Host | VI/vSphere Client to ESX/ESXi Host management connection |
| ESX/ESXi 3.x + 4.x | 443 | TCP | ESX/ESXi Host | ESX/ESXi Host | Host to host VM migration and provisioning |
| ESX/ESXi 3.x + 4.x | 514 | UDP | ESX/ESXi Host | Syslog Server | Remote syslog logging |
| ESX/ESXi 3.x + 4.x | 902 | TCP | VI/vSphere Client | ESX/ESXi Host | VI/vSphere Client to ESX/ESXi hosted VM connectivity |
| ESX/ESXi 3.x + 4.x | 902 | TCP/UDP | ESX/ESXi Host | ESX/ESXi Host | Authentication, Provisioning, VM Migration |
| ESX/ESXi 3.x + 4.x | 903 | TCP | VI/vSphere Client | ESX/ESXi Host | VM Remote VM Console |
| ESX/ESXi 3.x + 4.x | 2049 | TCP | ESX/ESXi Host | NFS Server | NFS Client |
| ESX/ESXi 3.x + 4.x | 2049 | UDP | ESX/ESXi Host | NFS Server | NFS Client |
| ESX/ESXi 3.x + 4.x | 3260 | TCP | ESX/ESXi Host | iSCSI SAN | Software iSCSI Client and Hardware iSCSI HBA |
| ESX/ESXi 3.x + 4.x | 5988 | TCP | ESX/ESXi Host | ESX/ESXi Host | CIM Client to CIM Secure Server |
| ESX/ESXi 3.x + 4.x | 5989 | TCP | ESX/ESXi Host | ESX/ESXi Host | CIM Client to CIM Secure Server |
| ESX/ESXi 3.x + 4.x | 8000 | TCP | ESX/ESXi Host (VM Target) | ESX/ESXi Host (VM Source) | VMotion Communication on VMKernel Interface |
| ESX/ESXi 3.x + 4.x | 8000 | TCP | ESX/ESXi Host (VM Source) | ESX/ESXi Host (VM Target) | VMotion Communication on VMKernel Interface |
| ESX/ESXi 3.x + 4.x | 2050-2250 | UDP | ESX/ESXi Host | ESX/ESXi Host | VMware HA |
| ESX/ESXi 3.x + 4.x | 8042-8045 | TCP | ESX/ESXi Host | ESX/ESXi Host | VMware HA |
| ESX/ESXi 3.x only | 27000 | TCP | ESX/ESXi Host | VMware License Server | ESX/ESXi 3.x Host to License Server communication |
| ESX/ESXi 3.x only | 27010 | TCP | ESX/ESXi Host | VMware License Server | ESX/ESXi 3.x Host to License Server communication |
| ESX/ESXi 4.x only | 8100 | TCP/UDP | ESX/ESXi 4 Host | ESX/ESXi 4.x Host | VMware Fault Tolerance. ESX/ESXi 4 only. |
| ESX/ESXi 4.x only | 8200 | TCP/UDP | ESX/ESXi 4 Host | ESX/ESXi 4.x Host | VMware Fault Tolerance. ESX/ESXi 4 only. |
| ESXi 4.x only | 161 | UDP | SNMP Server | ESXi 4.x Host | SNMP Polling. Not used in ESXi 3.x |
| Guided Consolidation | 135 | TCP/UDP | Consolidation Target (Physical Server) | vCenter Converter Server | Microsoft DCE Locator Service, also known at End-Point Mapper |
| Guided Consolidation | 137 | TCP/UDP | Consolidation Target (Physical Server) | vCenter Converter Server | NetBIOS names service. Firewall administrators frequently see largernumbers of incoming packets to port 137. This is because of Windows servers that use NetBIOS (as well as DNS) to resolve IP addresses to names using the gethostbyaddr() function. As users behind the firewalls visit Windows-based Web sites, those servers frequently respond with NetBIOS lookups. |
| Guided Consolidation | 138 | TCP/UDP | Consolidation Target (Physical Server) | vCenter Converter Server | NetBIOS datagram Used by Windows, as well as UNIX services (such as SAMBA). Port 138 is used primarily by the SMB browser service that obtains Network Neighborhood information. |
| Guided Consolidation | 139 | TCP/UDP | Consolidation Target (Physical Server) | vCenter Converter Server | NetBIOS Session Windows File and Printer sharing. |
| Guided Consolidation | 445 | TCP/UDP | Consolidation Target (Physical Server) | vCenter Converter Server | DNS Direct Hosting port. In Windows 2000 and Windows XP, redirector and server components now support direct hosting for communicating with other computers running Windows 2000 or Windows XP. Direct hosting does not use NetBIOS for name resolution. DNS is used for name resolution, and the Microsoft networking communication is sent directly over TCP without a NetBIOS header. Direct hosting over TCP/IP uses TCP and UDP port 445 instead of the NetBIOS session TCP port 139. |
| Lab Manager | 137 | UDP | ESX/ESXi Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x |
| Lab Manager | 138 | UDP | ESX/ESXi Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x |
| Lab Manager | 139 | TCP | ESX/ESXi Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x |
| Lab Manager | 389 | TCP | Lab Manager Server | LDAP Server | LDAP Authentication (optional) |
| Lab Manager | 443 | TCP | Client PC | Lab Manager Server | Lab Manager Console (Web Browser) |
| Lab Manager | 443 | TCP | Lab Manager Server | vCenter Server | Lab Manager to vCenter Server Communication |
| Lab Manager | 445 | TCP | ESX/ESXi Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs. ESXi requires Lab Manager 4.x |
| Lab Manager | 514 | TCP | Lab Manager Server | ESX/ESXi Host | ESX/ESXi Host Virtual Router. ESXi requires Lab Manager 4.x |
| Lab Manager | 636 | TCP | Lab Manager Server | LDAP Server | LDAPS Authentication (optional) |
| Lab Manager | 1433 | TCP | Lab Manager Server | Microsoft SQL Server | Lab Manager Connectivity to Microsoft SQL Server (for LM database) |
| Lab Manager | 5212 | TCP | Lab Manager Server | ESX/ESXi Host | Lab Manager Agent. ESXi requires Lab Manager 4.x |
| Orchestrator | 25 | TCP | VCO Server | SMTP Server | Email notifications |
| Orchestrator | 389 | TCP | VCO Server | LDAP Server | LDAP Authentication |
| Orchestrator | 443 | TCP | VCO Server | vCenter Server | Used to obtain virtual infrastructure and virtual machine information from orcestrated vCenter Server(s) through the vCenter API |
| Orchestrator | 636 | TCP | VCO Server | LDAP Server | VCO uses LDAP authentication and group membership to determine role authorization in LCM and access to VMs/requests. This is the SSL secured LDAP protocol ldaps (the SSL pendent of 389). This is used for secured LDAP authentication |
| Orchestrator | 1433 | TCP | VCO Server | Microsoft SQL Server | vCenter Orchestrator Server to Microsoft SQL Server for VCO Database |
| Orchestrator | 1521 | TCP | VCO Server | Oracle Database Server | vCenter Orchestrator Server to Oracle for VCO Database |
| Orchestrator | 3306 | TCP | VCO Server | MySQL Server | vCenter Orchestrator Server to MySQL Server for VCO Database |
| Orchestrator | 5432 | TCP | VCO Server | PostgresSQL Server | vCenter Orchestrator Server to PortgresSQL Server for VCO Database |
| Orchestrator | 8230 | TCP | VCO Client | VCO Server | Lookup port – The main port to communicate with OrchestratorConfigurator server (JNDI port). All other ports communicate with theOrchestrator Configurator smart client through this one. It is part of the JBossApplication server infrastructure |
| Orchestrator | 8240 | TCP | VCO Client | VCO Server | Command port – The application communication port (RMI container port),it is used for remote invocations. It is part of the JBoss Application serverinfrastructure. |
| Orchestrator | 8250 | TCP | VCO Client | VCO Server | Messaging port – The Java messaging port used to dispatch events. It is partof the JBoss Application server infrastructure |
| Orchestrator | 8280 | TCP | VCO Server | VCO Server | Port used by VCO Server to connect to the Web front-end via HTTP |
| Orchestrator | 8281 | TCP | VCO Server | VCO Server | Port used by VCO Server to connect to the Web front-end via HTTPS |
| Orchestrator | 8281 | TCP | vCenter Server | VCO Server | Port used by VCO Server to connect to vCenter Server to communicate with the vCenter API |
| Orchestrator | 8282 | TCP | VCO Client PC | VCO Server | HTTP server port – The port for the HTTP connector used to connect to the Web frontend. |
| Orchestrator | 8283 | TCP | VCO Client PC | VCO Server | HTTPS server port – The port for the SSL HTTP connector used to connect to the Web frontend. Requires Jetty to be configured for SSL. |
| Site Recovery Manager | 80 | TCP | Site Recovery Manager | Remote vCenter Server | SRM communication with remote vCenter Server via HTTP (Port 80 is used for the initial connection to the remote site. After the initial HTTP connection is made, the two sites establish an SSL connection over port 443 for subsequent connections.) |
| Site Recovery Manager | 80 | TCP | Site Recovery Manager | Local vCenter Server | SRM communication with local vCenter server & Plug-in download |
| Site Recovery Manager | 1426 | TCP | Site Recovery Manager | Oracle Database Server | SRM Connectivity to Oracle (for SRM database) |
| Site Recovery Manager | 1433 | TCP | Site Recovery Manager | Microsoft SQL Server | SRM Connectivity to Microsoft SQL Server (for SRM database) |
| Site Recovery Manager | 5000 | TCP | Site Recovery Manager | IBM DB2 Database Server | SRM Connectivity to IBM DB2 (for SRM database) |
| Site Recovery Manager | 9007 | TCP | Site Recovery Manager | External SRM API Client | SRM communication via WSDL and SOAP |
| Stage Manager | 137 | UDP | ESX Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs |
| Stage Manager | 138 | UDP | ESX Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs |
| Stage Manager | 139 | TCP | ESX Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs |
| Stage Manager | 389 | TCP | Stage Manager Server | LDAP Server | LDAP Authentication (optional) |
| Stage Manager | 443 | TCP | Client PC | Stage Manager Server | Stage Manager Console (Web Browser) |
| Stage Manager | 443 | TCP | Stage Manager Server | ESX Host | Stage Manager Server communication with ESX Host Agent |
| Stage Manager | 443 | TCP | Stage Manager Server | vCenter Server | Stage Manager Server communucation with vCenter Server |
| Stage Manager | 445 | TCP | ESX Host | SMB File Server | SMB File Sharing for Importing/Exporting VMs |
| Stage Manager | 514 | TCP | Stage Manager Server | ESX Host | ESX Host Virtual Router |
| Stage Manager | 636 | TCP | Stage Manager Server | LDAP Server | LDAPS Authentication (optional) |
| Stage Manager | 5212 | TCP | Stage Manager Server | ESX Host | Stage Manager Agent |
| Update Manager | 80 | TCP | Update Manager Server | www.vmware.com and xml.shavlik.com | To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com |
| Update Manager | 80 | TCP | ESX/ESXi Host | Update Manager Host | ESX/ESXi Host to Update Manager Server . The reverse proxy forwards the required to port 9084 |
| Update Manager | 80 | TCP | Update Manager Server | vCenter Server | Update Manager to vCenter Server communication |
| Update Manager | 443 | TCP | Update Manager Server | www.vmware.com and xml.shavlik.com | To obtain metadata for the updates, Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com |
| Update Manager | 443 | TCP | ESX/ESXi Host | Update Manager Server | ESX/ESXi Host to Update Manager Server . The reverse proxy forwards the required to port 9084 |
| Update Manager | 443 | TCP | vCenter Server | Update Manager Server | vCenter Server to Update Manager Server. The reverse proxy forwards the request to port 8084 |
| Update Manager | 902 | TCP | Update Manager Server | ESX/ESXi Host | To push patches and updates from Update Manager to the ESX/ESXi Hosts to be updated |
| Update Manager | 1433 | TCP | Update Manager Server | Microsoft SQL Server | Update Manager to Microsoft SQL Server connectivity (for UM Database) |
| Update Manager | 1521 | TCP | Update Manager Server | Oracle Database Server | Update Manager to Oracle connectivity (for UM Database) |
| Update Manager | 8084 | TCP | Update Manager Server | Update Manager Server | SOAP between components of Update Manager Server |
| Update Manager | 9084 | TCP | Update Manager Server | Update Manager Server | Update Manager Web Server. Accessed through reverse proxy from port 80 and/or 443 |
| Update Manager | 9000-9100 | TCP | Update Manager Server | ESX/ESXi Host | This is the recommend port range from which to choose ports for Update Manager if ports 80 and 443 are already in use. Update Manager automatically opens these ports for ESX Host scanning and remediation |
| vCenter 2.5.x + 4.x | 25 | TCP | vCenter Server | SMTP Server | Email notifications |
| vCenter 2.5.x + 4.x | 53 | UDP | vCenter Server | DNS Server | DNS lookups |
| vCenter 2.5.x + 4.x | 80 | TCP | Client PC | vCenter Server | Redirect Web Browser to HTTPS Service (443) |
| vCenter 2.5.x + 4.x | 88 | TCP | vCenter Server | Active Directory Server | AD Authentication |
| vCenter 2.5.x + 4.x | 88 | UDP | vCenter Server | Active Directory Server | AD Authentication |
| vCenter 2.5.x + 4.x | 161 | UDP | SNMP Server | vCenter Server | SNMP Polling |
| vCenter 2.5.x + 4.x | 162 | UDP | vCenter Server | SNMP Server | SNMP Trap Send |
| vCenter 2.5.x + 4.x | 389 | TCP | vCenter Server | LDAP Server | LDAP Authentication |
| vCenter 2.5.x + 4.x | 443 | TCP | vCenter Server | ESX/ESXi Host | vCenter Agent |
| vCenter 2.5.x + 4.x | 443 | TCP | Client PC | vCenter Server | VI Web Access (Web Browser) |
| vCenter 2.5.x + 4.x | 443 | TCP | VI/vSphere Client | vCenter Server | VI\vSphere Client access to vCenter Server |
| vCenter 2.5.x + 4.x | 445 | TCP | vCenter Server | Active Directory Server | AD Authentication |
| vCenter 2.5.x + 4.x | 445 | UDP | vCenter Server | Active Directory Server | AD Authentication |
| vCenter 2.5.x + 4.x | 902 | UDP | vCenter Server | ESX/ESXi Host | Heartbeat |
| vCenter 2.5.x + 4.x | 902 | UDP | ESX/ESXi Host | vCenter Server | Heartbeat |
| vCenter 2.5.x + 4.x | 903 | TCP | Client PC | vCenter Server | VI/vSphere Client to VM Console |
| vCenter 2.5.x + 4.x | 903 | TCP | vCenter Server | ESX/ESXi Host | VI/vSphere Client to VM Console (after connection established between VI/vSphere Client and vCenter) |
| vCenter 2.5.x + 4.x | 1433 | TCP | vCenter Server | Microsoft SQL Server | For vCenter Microsoft SQL Server Database |
| vCenter 2.5.x + 4.x | 1521 | TCP | vCenter Server | Oracle Database Server | For vCenter Oracle Database |
| vCenter 2.5.x + 4.x | 8005 | TCP | vCenter Server | vCenter Server | Internal Communication Port |
| vCenter 2.5.x + 4.x | 8006 | TCP | vCenter Server | vCenter Server | Internal Communication Port |
| vCenter 2.5.x + 4.x | 8083 | TCP | vCenter Server | vCenter Server | Internal Service Diagnostics |
| vCenter 2.5.x + 4.x | 8085 | TCP | vCenter Server | vCenter Server | Internal Service Diagnostics |
| vCenter 2.5.x + 4.x | 8086 | TCP | vCenter Server | vCenter Server | Internal Communication Port |
| vCenter 2.5.x + 4.x | 8087 | TCP | vCenter Server | vCenter Server | Internal Service Diagnostics |
| vCenter 2.5.x + 4.x | 27000 | TCP | vCenter Server | VMware License Server | Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported |
| vCenter 2.5.x + 4.x | 27000 | TCP | VMware License Server | vCenter Server | Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported |
| vCenter 2.5.x + 4.x | 27010 | TCP | vCenter Server | VMware License Server | Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported |
| vCenter 2.5.x + 4.x | 27010 | TCP | VMware License Server | vCenter Server | Licensing via FlexLM. Only required by vCenter 4 if ESX/ESXi 3.x Hosts will be supported |
| vCenter 4.x only | 636 | TCP | vCenter Server | Linked vCenter Servers | Linked mode connectivity between vCenter Servers |
| vCenter 4.x only | 8080 | TCP | Client PC | vCenter 4 Server | VMware vCenter 4 Management Web Services – HTTP |
| vCenter 4.x only | 8443 | TCP | Client PC | vCenter 4 Server | VMware vCenter 4 Management Web Services – HTTPS |
| View 3.x only | 8443 | TCP | View Connection Server/View Manager | vCenter Server | View Composer |
| View 3.x only | 32111 | TCP | View Client | View Agent (Virtual Desktop) | USB Device Communication |
| View 3.x only | 32111 | TCP | View Agent (Virtual Desktop) | View Client | USB Device Communication |
| View 4.x only | 902 | TCP | View Client/View Client with Offline Desktop | ESX Host | (Optional) View Client with Offline Desktop data is downloaded and uploaded through this port. |
| View 4.x only | 3268 | TCP | View/VDM Connection Server/View Manager | Active Directory Server | Global Catalog Server |
| View 4.x only | 3269 | TCP | View/VDM Connection Server/View Manager | Active Directory Server | Global Catalog Server |
| View 4.x only | 9427 | TCP | View Client/View Client with Offline Desktop | View Agent (Virtual Desktop) | (Optional) Multimedia Redirection (MMR). MMR is support by View Client and View Client with Offline Desktop on certain operating systems. |
| View 4.x only | 50002 | TCP/UDP | View Agent (Virtual Desktop) | View Client | PCoIP (AES 128-bit encryption) |
| View 4.x only | 50002 | TCP/UDP | View Client | View Agent (Virtual Desktop) | PCoIP (AES 128-bit encryption) |
| View/VDM 2.x | 80 | TCP | Client PC | View/VDM Connection Server | VDM Web Access (not required if only HTTPS is to be supported) |
| View/VDM 2.x | 80 | TCP | View/VDM Client | View/VDM Connection Server | VDM Access (not required if only HTTPS is to be supported) |
| View/VDM 2.x | 80 | TCP | Client PC | View/VDM Security Server | VDM Web Access (not required if only HTTPS is to be supported)The Security Server used as a proxy in a DMZ to allow for external connections in. The View Manager/Connection Broker has an ADAM instance on it and thus, a fair amount of the AD (not a good thing to put on the DMZ). If View is LAN-based only, then it’s irrelevant. If it’s publicly accessed, then you definitely want a Security Server to act on behalf of external clients coming in (assuming no VPN) |
| View/VDM 2.x | 80 | TCP | View/VDM Client | View/VDM Security Server | VDM Access (not required if only HTTPS is to be supported) |
| View/VDM 2.x | 88 | TCP | View/VDM Connection Server/View Manager | Active Directory Server | AD Authentication |
| View/VDM 2.x | 88 | UDP | View/VDM Connection Server/View Manager | Active Directory Server | AD Authentication |
| View/VDM 2.x | 389 | TCP/UDP | View/VDM Connection Server/View Manager | LDAP Server | LDAP Authentication |
| View/VDM 2.x | 443 | TCP | Client PC | View/VDM Connection Server/View Manager | VDM Web Access and VDM Administration |
| View/VDM 2.x | 443 | TCP | Thin Client | View/VDM Connection Server/View Manager | VDM API |
| View/VDM 2.x | 443 | TCP | View/VDM Client | View/VDM Connection Server/View Manager | VDM Access |
| View/VDM 2.x | 443 | TCP | Client PC | View/VDM Security Server | VDM Web Access (Web Browser) |
| View/VDM 2.x | 443 | TCP | View/VDM Client | View/VDM Security Server | VDM Access |
| View/VDM 2.x | 443 | TCP | View/VDM Connection Server/View Manager | vCenter Server | VDM to vCenter communication |
| View/VDM 2.x | 445 | TCP | View/VDM Connection Server/View Manager | Active Directory Server | AD Authentication |
| View/VDM 2.x | 445 | UDP | View/VDM Connection Server/View Manager | Active Directory Server | AD Authentication |
| View/VDM 2.x | 3389 | TCP | Client PC/Thin Client/View/VDM Client | Virtual Desktop VM (View/VDM Agent) | Direct RDP Connection (RSA RC4 encryption, can be set High/Medium/Low)- High: encrypts both the data sent from client to server and the data sent from server to client using a 128 bit key.- Medium: encrypts both the data sent from client to server and the data sent from server to client using a 56 bit key if the client is a Windows 2000 or above client, or a 40 bit key if the client is an earlier version.- Low: encrypts only the data sent from client to server, using either a 56 or 40 bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server. |
| View/VDM 2.x | 3389 | TCP | View/VDM Security Server | Virtual Desktop VM (View/VDM Agent) | Tunneled RDP Connection (RSA RC4 encryption, can be set High/Medium/Low)- High: encrypts both the data sent from client to server and the data sent from server to client using a 128 bit key.- Medium: encrypts both the data sent from client to server and the data sent from server to client using a 56 bit key if the client is a Windows 2000 or above client, or a 40 bit key if the client is an earlier version.- Low: encrypts only the data sent from client to server, using either a 56 or 40 bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server. |
| View/VDM 2.x | 4001 | TCP | View/VDM Security Server | View/VDM Connection Server/View Manager | Java Messenger Service (JMS) |
| View/VDM 2.x | 4001 | TCP | View/VDM Connection Server/View Manager | View/VDM Security Server | Java Messenger Service (JMS) |
| View/VDM 2.x | 4001 | TCP | Virtual Desktop VM (View/VDM Agent) | View/VDM Connection Server/View Manager | |
| View/VDM 2.x | 4100 | TCP | View/VDM Connection Server/View Manager | View/VDM Connection Server/View Manager | Java Messenger Service (JMS) inter-router traffic |
| View/VDM 2.x | 8009 | TCP | View/VDM Security Server | View/VDM Connection Server/View Manager | Apache Jserv Protocol (AJP) |
| View/VDM 2.x | 8009 | TCP | View/VDM Connection Server/View Manager | View/VDM Security Server | Apache Jserv Protocol (AJP) |
| View/VDM 2.x | 42966 | TCP | View Client/View Client with Offline Desktop | ESX Host | (Optional) Hewlett-Packard RGS Sender Application is the server-side component of the HP RGS remote display protocol |
| View/VDM 2.x | 1024 – 65535 | TCP | View/VDM Connection Server/View Manager | View/VDM Connection Server/View Manager | This is required for ADAM replication (Active Directory “lite” replication) between VDM Connection Servers. With a Registry entry this can be fixed to a defined set of ports, but by default its a random TCP high port |
| View/VDM 2.x | 1024-65535 | TCP | View/VDM Connection Server/View Manager | Virtual Desktop VM (View/VDM Agent) | Ephemeral Ports. A short-lived connection between View Manager and the virtual desktop |