SCVMM and Network Ports We Use for Communication

More often than not, deploying an SCVMM server and managing VM hosts requires coordination with your network admins. One of the most frequently asked questions is "What ports should I ask my network guy to open so that the SCVMM server can talk to the hosts?" In a tightly controlled enterprise data center, this question is sure to come up: by default, everything is blocked, and ports are only opened (or exempted) on request and with good justification.

Other times, when a host fails to be added or the host agent goes into a "Not Responding" state and you cannot afford to turn off the firewall, you might be scratching your head trying to figure out which ports need to be open and which do not.

So, to make the SCVMM admin's job easier, here is the list of TCP/IP ports SCVMM needs in order to talk to the various system components:

  • VMM Server exceptions needed:
    • 80 (HTTP, WS-MAN)
    • 443 (HTTPS, BITS)
    • 8100 (WCF Connections to PowerShell or Admin Console)
  • SQL Server
    • 1433 (Remote SQL instance connection)
    • 1434 (SQL browser service) - only needed for initial setup
  • Host / Library
    • 80 (HTTP, WS-MAN)
    • 443 (HTTPS, BITS)
    • 3389 (RDP)
    • 2179 (VMConnect on Hyper-V hosts for single-class console view)
    • 5900 (VMRC on Virtual Server hosts)
  • VMware VirtualCenter server
    • 443 (HTTPS for calling VI Web Services APIs)
  • VMware ESX hosts
    • 443 (HTTPS for calling VI Web Services APIs)
    • 22 (SSH, for SFTP file transfers to/from ESX hosts) - this is only used for ESX host versions 3.0 and 3.5 (not needed for 3.5i)
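
To confirm which of the exceptions above are actually in place before asking for a firewall change, the following script (an added example, not part of the original post or of SCVMM) tests each listed port from the VMM server and separates a timeout, which usually means the firewall is dropping the traffic, from a connection the target actively refused. The function names, role names and the host name are assumptions made for the example.

```powershell
# Ports per role, copied from the list above.
# 1434 is left out: the SQL Browser service listens on UDP 1434, which a TCP connect cannot test.
# 2179 applies to Hyper-V hosts and 5900 to Virtual Server hosts, so one of the two
# is expected to fail on any given host.
$PortsByRole = @{
    'VmmServer'     = 80, 443, 8100
    'SqlServer'     = @(1433)
    'HostOrLibrary' = 80, 443, 3389, 2179, 5900
    'VirtualCenter' = @(443)
    'EsxHost'       = 443, 22
}

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # No answer within the timeout: the packets are most likely being dropped on the way.
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return 'Timeout (filtered?)' }
        $client.EndConnect($async)   # throws if the connection was refused or the name did not resolve
        return 'Open'
    } catch {
        # Reachable but nothing accepted the connection, or the name could not be resolved.
        return "Failed: $($_.Exception.GetBaseException().Message)"
    } finally {
        $client.Close()
    }
}

function Test-VmmPorts {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)]
        [ValidateSet('VmmServer', 'SqlServer', 'HostOrLibrary', 'VirtualCenter', 'EsxHost')]
        [string]$Role
    )
    foreach ($port in $PortsByRole[$Role]) {
        [pscustomobject]@{
            Target = $ComputerName
            Role   = $Role
            Port   = $port
            Result = Test-TcpPort -ComputerName $ComputerName -Port $port
        }
    }
}

# Constructed host name; replace with a managed host that shows "Not Responding".
Test-VmmPorts -ComputerName 'hyperv01.contoso.example' -Role HostOrLibrary | Format-Table -AutoSize
```

Run it from the VMM server itself, since the firewall path that matters is the one between the VMM server and the target.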

Hope this helps.

Thanks for reading,

Cheng