VMware Cloud Community
Dthomsen
Enthusiast
Enthusiast

VC 2.5 needs 443 open to ESX hosts???

So I'm finding out tonight that the "minor" update from 2.0.2 to 2.5 is now requiring 443 to be open thought the firewall to my hosts. This seems rediculous that they would change what ports are needed and not mention this except in one document ( page 183). The pictures don't even show this clearly, they show 443 for your VI client to ESX but VC to ESX shows 902. No other document mentions or shows communication between VC and ESX needing 443. Is anyone else effected by this? I will have to redesign my infrastructure as infosec will not allow 443 to be open to my hosts on external DMZs.

Someone please tell me this isn't so. What was wrong with using just port 902? Worked fine for us for so long.

Tags (4)
Reply
0 Kudos
24 Replies
Dthomsen
Enthusiast
Enthusiast

SR 1109708531 opened last Wednesday. Haven't gotten much "support".

Reply
0 Kudos
williamarrata
Expert
Expert

You should give them a call ASAP and also are your ESX Hosts patched up to the latest?

Hope that helped. Smiley Happy

Hope that helped. 🙂
Reply
0 Kudos
williamarrata
Expert
Expert

There are 2 updates. One for ESX 3.5 and one for VC 2.5

Hope that helped. Smiley Happy

Hope that helped. 🙂
Reply
0 Kudos
williamarrata
Expert
Expert

Go to this site for all your Updates.

Hope that helped. Smiley Happy

Hope that helped. 🙂
Reply
0 Kudos
bflynn0
Expert
Expert

Just came across this thread, it sounds like you have a similar setup to mine where you have a firewall between your VC Server and your ESX Hosts. 443/tcp is needed from VC to ESX. The following is the ports I needed to have opened prior to going to VC 2.5 (we have both 3.0.x and 3.5 ESX hosts):

From VC Server to ESX Hosts:

902 udp/tcp

443/tcp

From ESX Hosts to VC Server:

902/udp

80/tcp (This is needed for Update Manager - our VC Server is also our VUM Server)

27000/tcp (This is for License Server also on our VC Server)

27010/tcp (This is for License Server also on our VC Server)

From VIC Systems to VC Server:

80/tcp

443/tcp

902/tcp

From VIC Systems to ESX Hosts (these also allow for direct access to ESX Hosts via VIC in the event of a VC outage):

22/tcp (for ssh)

80/tcp

443/tcp

902/tcp

903/tcp

Hope that helps.

Reply
0 Kudos