lorengordon
Enthusiast

As a follow-on, we tested the firewall rules provided in KB2047585 with VCSA 5.5 and it broke vCenter. We researched the ports required by vCenter and found a few KBs, and it appears that the list of ports specified in the firewall.txt script may be incomplete. Unfortunately, the KBs on required ports are not especially consistent among themselves and not all of them specify port, protocol and direction, so it will take a fair bit of testing to figure out exactly which additional rules are required. Below are the discrepancies I found with the firewall.txt per KB.

missing from http://kb.vmware.com/kb/2012773 (VCSA specific):

135

8090

21100

22000

22100

11711

11712

8190

8191

missing from http://kb.vmware.com/kb/1012382 (vCenter 5.x and 5.5 from list of all VMware products):

88

135

161

162

623

903

8005

8006

8009

8083

8085

8086

8087

8089

60099

8003

2012

2013

2014

7331

11711

11712

12721

49000 to 65000

missing from http://kb.vmware.com/kb/2051575 (vCenter on Windows):

88

903

2012

2013

2014

60099

7331

9875-9877

10111

11711

11712

12721

49000 to 65000

8190

8191

22000

22100

21100

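The comparison described in the post above can be repeated mechanically. This is an added example, not part of the original post and not VMware's script: the rules in `SAMPLE_RULES` are constructed (the KB2047585 firewall.txt is not reproduced on this page), the function names are hypothetical, and checking TCP by default is an assumption, since the post notes the KBs do not all state protocol or direction.

```python
import re

# Constructed iptables-save style rules for illustration only;
# NOT the contents of the KB2047585 firewall.txt.
SAMPLE_RULES = """\
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,8443,9443 -j ACCEPT
-A INPUT -p tcp --dport 22000:22100 -j ACCEPT
-A INPUT -p udp --dport 8090 -j ACCEPT
-A INPUT -p tcp --dport 11711 -j ACCEPT
-A INPUT -p tcp --dport 8190 -j DROP
-A INPUT -p tcp --dport 49152:65535 -j ACCEPT
"""

# Port entries written the way the post writes them: the KB 2012773 list,
# plus the two range styles that appear in the other lists.
REQUIRED = ["135", "8090", "21100", "22000", "22100", "11711", "11712",
            "8190", "8191", "9875-9877", "49000 to 65000"]

def parse_spec(spec):
    """Turn '8090', '9875-9877' or '49000 to 65000' into inclusive (lo, hi)."""
    nums = [int(n) for n in re.findall(r"\d+", spec)]
    if not 1 <= len(nums) <= 2:
        raise ValueError(f"unrecognised port entry: {spec!r}")
    return nums[0], nums[-1]

def allowed_ports(rules_text, proto="tcp"):
    """Collect destination ports opened by ACCEPT rules for one protocol."""
    allowed = set()
    for line in rules_text.splitlines():
        m = re.search(r"--dports?\s+(\S+)", line)
        if not m or "-j ACCEPT" not in line or f"-p {proto}" not in line:
            continue  # DROP/REJECT rules and other protocols open nothing
        for part in m.group(1).split(","):   # multiport: comma-separated
            lo, _, hi = part.partition(":")  # iptables ranges use lo:hi
            allowed.update(range(int(lo), int(hi or lo) + 1))
    return allowed

def missing(rules_text, specs, proto="tcp"):
    """Return the entries that are not fully covered by the ruleset."""
    allowed = allowed_ports(rules_text, proto)
    gaps = []
    for spec in specs:
        lo, hi = parse_spec(spec)
        if any(p not in allowed for p in range(lo, hi + 1)):
            gaps.append(spec)
    return gaps

if __name__ == "__main__":
    for proto in ("tcp", "udp"):
        print(proto, "not covered:", ", ".join(missing(SAMPLE_RULES, REQUIRED, proto)))
```

The check ignores rule order, negated matches and traffic direction, so a reported gap is a candidate for testing rather than a confirmed missing rule.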