Solved

What ports do VSphere Vclient use?

Posted on 2010-11-09
9
1,571 Views
Last Modified: 2012-05-10
I'd like to remotely connect to an ESX box on a remote network.  I'm fine with how to configure the Netscreen to open up ports to allow inbound/outbound traffic but don't know what ports to open.  I'm using Vsphere client 4.0.0 Build 208111 and the box is ESX 4.0.0 Build 208167.

Found this link from VMWare's site but is sort of confusing as to what I really need:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012382
0
Comment
Question by:sedberg1
9 Comments
 
LVL 3

Expert Comment

by:nlandas
ID: 34093196
0
 
LVL 40

Accepted Solution

by:
coolsport00 earned 250 total points
ID: 34093229
Ports 80 and 443. If you need to change them, see:
http://kb.vmware.com/kb/1021199

Regards,
~coolsport00
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 34093232
BTW "nlandas"...the poster looked at that link, but was confused as to the specific ports the Client uses. :)

~coolsport00
0
 
LVL 2

Assisted Solution

by:Hossy
Hossy earned 125 total points
ID: 34093239
I found some good documentation for you:

http://www.vmware.com/pdf/vsphere4/r40/vsp_40_esx_server_config.pdf
Chapter 12, page 145-154 "Securing the Network with Firewalls"
In particular, there is a nice table on 153-154 listing all ports.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 14

Assisted Solution

by:Deepak Kosaraju
Deepak Kosaraju earned 125 total points
ID: 34094007
vSphere ESX Connections:
a) Web access uses port 80 and 443 via a supported Web Browser; to connect, you have to make sure the "vmware-webAccess" service is started on the host (service vmware-webAccess status; service vmware-webAccess start); The vSphere Client, vSphere Web Access Client, and SDK use port 443 to send
data to vCenter Server managed hosts. Also, the vSphere Client, vSphere Web Access Client, and SDK, when connected directly to an ESX host, use this port to support any management functions related to the server and its virtual machines
b) vSphere Client uses port 902/903 to connect directly to ESX/i host for VM console access as well as data transfer
c) Putty uses SSH, which uses port 22 to connect directly to the ESX host
d) vSphere Client uses port 443 to connect to vCenter and port 903 to connect to VM Console after the connection to vCenter through port 443; Port 902 connects vCenter Server to the host through the VMware
Authorization Daemon (vmware-authd)

When a vSphere Client or vCenter Server user connects to a ESX host, a connection is established with the
VMware Host Agent process. The process uses the user names and passwords for authentication. ESX uses the Pluggable Authentication Modules (PAM) structure for authentication when users access the ESX
host using the vSphere Client, vSphere Web Access, or the service console. The PAM configuration for VMware services is located in /etc/pam.d/vmware-authd, which stores paths to authentication modules. The reverse proxy in the VMware Host Agent (vmware-hostd) process listens on ports 80 and 443. vSphere
Client or vCenter Server users connect to the host agent through these ports. The vmware-hostd process receives the user name and password from the client and forwards them to the PAM module to perform the
authentication.

The vpxuser permission is used for vCenter Server when managing activities for the host. The vpxuser is
created when an ESX host is attached to vCenter Server. vCenter Server has Administrator privileges on the host that it manages. For example, vCenter Server can move virtual machines to and from hosts and perform configuration changes needed to support virtual machines. The vCenter Server administrator can perform most of the same tasks on the host as the root user and also schedule tasks, work with templates, and so forth. However, the vCenter Server administrator cannot directly create, delete, or edit users and groups for ESX hosts. These tasks can only be performed by a user with Administrator permissions directly on each ESX host.

Courtesy: Of one the experts in EE has posted the above and I saved it for my future reference cannot recollect the post id#
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 250 total points
ID: 34094099
Umm...that would be me "kosarajudeepak" :)
See:
http://www.experts-exchange.com/Software/VMWare/Q_26390031.html

~coolsport00
0
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 34094209
There you go, that's the nice post that helps this user to clear all his questions. Thanks.
0
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 34094264
I always get confused between your post and bgoering posts so I don't want to hurt anyone so I said one of the expert in EE ;-) who ever has shared the above info in EE which is already in EE Inventory deserves the points from the user. So here coolsport00 deserve the points if the above solves the user question.
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 34094288
No harm, no foul...it's all good. :)

Thanks for the kudos though. :)

~coolsport00
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

It Is not possible to enable LLDP in vSwitch(at least is not supported by VMware), so in this article we will enable this, and also go trough how to enabled CDP and how to get this information in vSwitches and also in vDS.
Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now