VMware Cloud Community
hortencio
Enthusiast
Enthusiast
Jump to solution

Update Manager Ports

I'm using VC2.5 and ESX3.5.

I have installed update manager in my environment, but it fails in the task "update signature". It's not able to download the patches from the internet. I suspect of a possible firewall rule issue. What ports does Update Manager uses to download the patches from the internet ?

Thanks in advance

Reply
0 Kudos
1 Solution

Accepted Solutions
vmroyale
Immortal
Immortal
Jump to solution

Check this kb article .

Update Manager is installed as part of the installation process for VirtualCenter. If you have an established VMware Infrastructure environment, you can use the same installer to add Update Manager functionality.

You can install Update Manager on the same computer as the VirtualCenter Server or on a different computer.

Before you install Update Manager, gather the networking information (including the IP address and port number) about the VirtualCenter Server that Update Manager will work with. In most cases, the Web service port is used. The default for the Web service port is 443.

After the installation:

*

The Update Manager Web server listens on 9084 TCP if the default is not changed during the installation.

*

The Update Manager SOAP server listens on 8084 TCP if the default is not changed during the installation.

Both are accessed through a reverse proxy that listens on the standard ports 80 and 443, but there is a slight difference depending on the installation:

*

When Update Manager and VirtualCenter Server are installed on the same machine:

o

All incoming connections to Update Manager are accessed through a reverse proxy provided by the VirtualCenter Server.

o

ESX Server connects to port 80, and the VirtualCenter Server forwards the request to the Update Manager Web server listening on 9084 for host patch downloads.

o

The VirtualCenter Server directly connects to Update Manager on 8084 because they are on the same machine.

*

When Update Manager and the VirtualCenter Server are installed on two different machines:

o

Update Manager has a reverse proxy listening on ports 80 and 443 if the default is not changed during the installation.

o

The VirtualCenter Server connects to Update Manager through port 443. The reverse proxy forwards the request to 8084.

o

ESX Server connects to Update Manager through port 80. The reverse proxy forwards the request to 9084.

To obtain metadata, Update Manager must be able to connect to http://www.vmware.com/ and www.shavlik.com, and requires outbound ports 80 and 443.

For binary data, the outbound ports are 80 and 443.

For ESX Server scanning and remediation, Update Manager requires that port 80 be open on the ESX Server host.

If the default ports 80 and 443 are already in use by another application, the alternate port numbers used by Update Manager should be within the range 9000-9100. Update Manager automatically opens these ports for ESX Server scanning and remediation.

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com

View solution in original post

Reply
0 Kudos
1 Reply
vmroyale
Immortal
Immortal
Jump to solution

Check this kb article .

Update Manager is installed as part of the installation process for VirtualCenter. If you have an established VMware Infrastructure environment, you can use the same installer to add Update Manager functionality.

You can install Update Manager on the same computer as the VirtualCenter Server or on a different computer.

Before you install Update Manager, gather the networking information (including the IP address and port number) about the VirtualCenter Server that Update Manager will work with. In most cases, the Web service port is used. The default for the Web service port is 443.

After the installation:

*

The Update Manager Web server listens on 9084 TCP if the default is not changed during the installation.

*

The Update Manager SOAP server listens on 8084 TCP if the default is not changed during the installation.

Both are accessed through a reverse proxy that listens on the standard ports 80 and 443, but there is a slight difference depending on the installation:

*

When Update Manager and VirtualCenter Server are installed on the same machine:

o

All incoming connections to Update Manager are accessed through a reverse proxy provided by the VirtualCenter Server.

o

ESX Server connects to port 80, and the VirtualCenter Server forwards the request to the Update Manager Web server listening on 9084 for host patch downloads.

o

The VirtualCenter Server directly connects to Update Manager on 8084 because they are on the same machine.

*

When Update Manager and the VirtualCenter Server are installed on two different machines:

o

Update Manager has a reverse proxy listening on ports 80 and 443 if the default is not changed during the installation.

o

The VirtualCenter Server connects to Update Manager through port 443. The reverse proxy forwards the request to 8084.

o

ESX Server connects to Update Manager through port 80. The reverse proxy forwards the request to 9084.

To obtain metadata, Update Manager must be able to connect to http://www.vmware.com/ and www.shavlik.com, and requires outbound ports 80 and 443.

For binary data, the outbound ports are 80 and 443.

For ESX Server scanning and remediation, Update Manager requires that port 80 be open on the ESX Server host.

If the default ports 80 and 443 are already in use by another application, the alternate port numbers used by Update Manager should be within the range 9000-9100. Update Manager automatically opens these ports for ESX Server scanning and remediation.

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com
Reply
0 Kudos