VMware Cloud Community
Lalegre
Virtuoso
Virtuoso

How to check TCP/UPD ports of vCenter

Hello everyone,

I want to know if the ports required for my vCenter Server are open.

Any idea of how can i do this?

Thanks you.

Reply
0 Kudos
6 Replies
unsichtbare
Expert
Expert

Use telnet:

vcenter-telnet-443-message.png

+The Invisible Admin+ If you find me useful, follow my blog: http://johnborhek.com/
Reply
0 Kudos
RaviMV
Enthusiast
Enthusiast

Confirming connectivity to a TCP port with telnet

Note: Telnet is available only on ESX hosts. For ESXi 3.5, 4.x and 5.x, you will need to use the netcat (nc). Please see the section below titled "Confirming connectivity to a TCP port with netcat" for further information.

While the ping command confirms connectivity, it does not necessarily mean that all TCP ports on the remote host can be reached. It is possible for a network firewall to allow or block access to certain ports on a host.

To check if specific TCP ports are running on the remote host, you can use the telnet command to confirm if a port is online.

# telnet destination-ip destination-port

When trying to establish a telnet connection to TCP port 80, you see an output similar to:

# telnet 192.168.48.133 80

Trying 192.168.48.133...

Connected to 192.168.48.133.

Escape character is '^]'.

In this sample output, you can see that you are connected to port 80 (http) on the server with IP address 192.168.48.133.

If you choose a port number for a service that is not running on the host, you see an output similar to:

# telnet 192.168.48.133 81

Trying 192.168.48.133...

telnet: Unable to connect to remote host: Connection timed out

In this case, you can see that there is no response when you attempt to connect to port 81 on the server 192.168.48.133.


Note: Telnet is an application that operates using the TCP protocol. UDP connectivity can not be tested using Telnet.


Viewing active TCP/UDP connections with netstat and esxcli network

When troubleshooting network connectivity issues, it may be helpful to see all the active incoming and outgoing TCP/UDP connections on an ESX/ESXi host. ESX hosts can use the netstat command and ESXi 4.1 and later hosts can use esxcli network to show the list of TCP/UDP connections. The commands are:

ESX 3.5/4.x – # netstat -tnp

ESXi 4.1 – # esxcli network connection list

ESXi 5.0 – # esxcli network ip connection list

ESXi 5.1 – # esxcli network ip connection list

ESXi 5.5 – # esxcli network ip connection list


Sample output from an ESXi 4.1 host:

# esxcli network connection list

Proto  Recv-Q  Send-Q  Local Address       Foreign Address     State        World ID

tcp    0       52      192.168.48.136:22   192.168.48.1:55169  ESTABLISHED  0

tcp    0       0       127.0.0.1:62024     127.0.0.1:5988      TIME_WAIT    0

tcp    0       0       127.0.0.1:57867     127.0.0.1:5988      TIME_WAIT    0

tcp    0       0       127.0.0.1:62196     127.0.0.1:5988      TIME_WAIT    0

tcp    0       0       127.0.0.1:8307      127.0.0.1:52943     ESTABLISHED  5790

tcp    0       0       127.0.0.1:52943     127.0.0.1:8307      ESTABLISHED  5790

tcp    0       0       127.0.0.1:80        127.0.0.1:55629     ESTABLISHED  5785

tcp    0       0       127.0.0.1:55629     127.0.0.1:80        ESTABLISHED  6613

tcp    0       0       127.0.0.1:8307      127.0.0.1:56319     ESTABLISHED  5785

tcp    0       0       127.0.0.1:56319     127.0.0.1:8307      ESTABLISHED  5785

tcp    0       0       127.0.0.1:80        127.0.0.1:62782     ESTABLISHED  5166

tcp    0       0       127.0.0.1:62782     127.0.0.1:80        ESTABLISHED  6613

tcp    0       0       127.0.0.1:5988      127.0.0.1:53808     FIN_WAIT_2   0

tcp    0       0       127.0.0.1:53808     127.0.0.1:5988      CLOSE_WAIT   5166

tcp    0       0       127.0.0.1:8307      127.0.0.1:56963     CLOSE_WAIT   5788

tcp    0       0       127.0.0.1:56963     127.0.0.1:8307      FIN_WAIT_2   5785

tcp    0       0       127.0.0.1:8307      0.0.0.0:0           LISTEN       5031

tcp    0       0       127.0.0.1:8309      0.0.0.0:0           LISTEN       5031

tcp    0       0       127.0.0.1:5988      0.0.0.0:0           LISTEN       0

tcp    0       0       0.0.0.0:5989        0.0.0.0:0           LISTEN       0

tcp    0       0       0.0.0.0:80          0.0.0.0:0           LISTEN       5031

tcp    0       0       0.0.0.0:443         0.0.0.0:0           LISTEN       5031

tcp    0       0       127.0.0.1:12001     0.0.0.0:0           LISTEN       5031

tcp    0       0       127.0.0.1:8889      0.0.0.0:0           LISTEN       5331

tcp    0       0       192.168.48.136:427  0.0.0.0:0           LISTEN       0

tcp    0       0       127.0.0.1:427       0.0.0.0:0           LISTEN       0

tcp    0       0       0.0.0.0:22          0.0.0.0:0           LISTEN       0

tcp    0       0       0.0.0.0:902         0.0.0.0:0           LISTEN       0

tcp    0       0       0.0.0.0:8000        0.0.0.0:0           LISTEN       4801

tcp    0       0       0.0.0.0:8100        0.0.0.0:0           LISTEN       4795

udp    0       0       192.168.48.136:427  0.0.0.0:0                        0

udp    0       0       0.0.0.0:427         0.0.0.0:0                        0

udp    0       0       192.168.48.136:68   0.0.0.0:0                        4693

udp    0       0       0.0.0.0:8200        0.0.0.0:0                        4795

udp    0       0       0.0.0.0:8301        0.0.0.0:0                        4686

udp    0       0       0.0.0.0:8302        0.0.0.0:0                        4686

To retrieve errors and statistics for a network adapter, run this command:

# esxcli network nic stats get -n <vmnicX>

Where <vmnicX> is the name of a NIC in your ESXi host.

Reply
0 Kudos
unsichtbare
Expert
Expert

Netcat is a great utility!

I have to say, however, you can absolutely telnet from Windows to an ESXi host (or a vCenter Server)! The picture below represents just that to ESXi 6.0.0b in my own lab.

esxi-telnet-902-message.png

I believe you are also confusing netcat and netstat.

  • Netcat is a utility to check TCP/UDP connectivity between two entities
  • Netstat shows current open connections

Here is a link to the complete VMware KB you cited: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=202066...

+The Invisible Admin+ If you find me useful, follow my blog: http://johnborhek.com/
Reply
0 Kudos
balarajugopinat
Enthusiast
Enthusiast

Pleae follow this KB describes the ports

VMware KB: Required ports for VMware vCenter Server 5.5

Reply
0 Kudos
mohdhanifk
Enthusiast
Enthusiast

The required TCP/UDP ports for vCenter server is listed in VMware KB: Required ports for VMware vCenter Server 5.5

See also http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101238...

Checking port usage from Windows

To check the listening ports and applications with Netstat:

  1. Open a command prompt. For more information, see Opening a command or shell prompt (1003892).
  2. Run this command:

    netstat -bano

    You see output similar to:

    C:\netstat -bano | more

    Proto    Local Address    Foreign Address    State        PID
    TCP      0.0.0.0:port     0.0.0.0:0          LISTENING    process ID
    [process.exe]
    TCP      0.0.0.0:port     0.0.0.0:0          LISTENING    process ID
    [process.exe]
    ...

    where:


    • process is the name of the application
    • port is the port that is being used
    • process ID is the process ID of the process
Reply
0 Kudos