mobcdi
Enthusiast
Enthusiast

VCP Prep free webex - sample question

Jump to solution

I watched the VCP prep webex session but can't understand why 1 of the sample questions in it choose the particular answer.

Question

An administrator is using a vSphere Client to connect to vCenter Server. The machine running the client is external to the company firewall. Which of the following ports must be open in the firewall so that the administrator can perform management functions and open remote console sessions

Answer Selected

Port "443"

Explaination

Explaination while 902,903 and 427 are all used for vSphere Communication only 443 is required for connections between the vSphere Client and vCenter Server

My question:

Given 903 is used for MKS would that not be needed to comply with the "open remote console sessions" part of the question or does all traffic between vSphere Client and VC go over port 443 and the interaction between VC and hosts happen on the different ports

Tags (2)
0 Kudos
1 Solution

Accepted Solutions
chriswahl
Virtuoso
Virtuoso

It appears so. The only connection I see listed from vSphere Client to vCenter 4.X Server is over 443.

I have only 443 (SSL) open to my vCenter lab server at home and am able to view the console on a VM.

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators

View solution in original post

0 Kudos
6 Replies
chriswahl
Virtuoso
Virtuoso

Looks like 903 is used from the vCenter 4.X server to the ESX/ESXi host, as documented here:

http://kb.vmware.com/kb/1012382

Product

Port

Protocol

Source

Target

Purpose

vCenter 4.x

903

TCP

vCenter Server

ESX/ESXi Host

VI/vSphere Client to VM Console   (after connection established between VI/vSphere Client and vCenter)

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators
mobcdi
Enthusiast
Enthusiast

So then client to vCenter is 443 and everything else happens from vCenter to host through the various ports listed like 903?

0 Kudos
chriswahl
Virtuoso
Virtuoso

It appears so. The only connection I see listed from vSphere Client to vCenter 4.X Server is over 443.

I have only 443 (SSL) open to my vCenter lab server at home and am able to view the console on a VM.

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators
0 Kudos
mobcdi
Enthusiast
Enthusiast

Will go with that so, thanks for the help

0 Kudos
AnthonyChow
Hot Shot
Hot Shot

Page 156 of the ESX Configuration Guide (Figure 12-1), it shows 3 firewalls.

On  the top the firewall has port 443 only.  The second firewall in the  middle has port 443, 902, 5989 and the last firewall has port 443, 902,  2050-2250 and 8042-8045.

The question was asking communication between vSphere Client and the vCenter Server.  Without this diagam, it is difficult to answer the question.

I have not taken the VCP test yet and is planning to take it next week.

Everyone have a nice weekend.

mobcdi
Enthusiast
Enthusiast

Thanks same diagram in ESXi Configuration pg 148

0 Kudos