8 Replies Latest reply on Aug 10, 2009 7:42 AM by Texiwill

    vSphere in the DMZ Question

    timcwhite Enthusiast


      Good morning,



                      We are in the process of implementing vSphere 4 in our DMZ and I wanted to run a question by you regarding the design. Currently, we are running our Virtual Center server within our Core network. The new vSphere servers will reside within our DMZ but will need to be managed by the internal Virtual Center server.  Below are the following scenarios that we are considering.



      Scenario I:



      Open the following ports:


      • Port 22 and 902 between our VC and ESX hosts

      • Port 903 between our VI client and Virtual Machines for remote console

      • Port 27000 and 27010 between our vSphere hosts and license server (this is also our virtual center server)

      • Port 443 for inbound HTTPS connections


      Scenario II



      Don't open any ports and connect the service console and the Vkernel network to our core network.






      Has anyone implemented either? What is your opinion/suggestions regarding either scenario?