VMware Cloud Community
tlnguyen
Contributor

What port to open for scanning ESX host that sits on DMZ

I have 2 ESX hosts on my DMZ. Scanning for updates failed. I opened updatemanager in my security profile, but that did not help. Now I suspect that my DMZ firewall has to be the culprit here.

What port do I need to open in order to scan the ESX box in my DMZ?

Thanks

LAM

0 Kudos
5 Replies
iztok666
Contributor

I guess you need to open TCP ports 80 and 443 in both directions. 80 is maybe even unneeded...

More precisely you need:

VC_server (port >1023) to ESX (port 80)

VC_server (port >1023) to ESX (port 443)

ESX (port >1023) to VC_server (port 80)

ESX (port >1023) to VC_server (port 443)

I'm also setting up a VUM infrastructure, and from the docs I think that the above ports are needed...

HTH

0 Kudos
tlnguyen
Contributor

Could you tell me what document to look at? My company is very compliant. Network guys won't do it if it is not stated in a document.

Also, when I enable updatemanager in the security profile it says (80, 9000-9100). Port 80 is open in my firewall. Does 9000-9100 need to be open too?

Thanks

0 Kudos
AndreTheGiant
Immortal

http://www.vmware.com/pdf/vi3_vum_10_admin_guide.pdf

Andre

**if you found this or any other answer useful please consider allocating points for helpful or correct answers

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
0 Kudos
tlnguyen
Contributor

Hi,

I don't see any mention of the port numbers you mention in the document.

0 Kudos
chukarma
Enthusiast

Port 80 and 443 should be enough - I just set up my DMZ environment with this doc.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=100454...

0 Kudos