The operation of Site Recovery Manager requires certain ports to be open.
The components that make up a
Site Recovery Manager deployment, namely
vCenter Server,
vSphere Web Client,
Site Recovery Manager Server, the
vSphere Replication appliance, and
vSphere Replication servers, require different ports to be open. You must ensure that all the required network ports are open for
Site Recovery Manager to function correctly.
Note:
Site Recovery Manager uses port 9086 as the default listener port. Changing the listener port prevents you from using the
VMware Site Recovery service on
VMware Cloud on AWS.
vCenter Server and ESXi Server network port requirements for Site Recovery Manager 8.3
Site Recovery Manager requires certain ports to be open on vCenter Server, Platform Services Controller, and on ESXi Server.
| Default Port | Protocol or Description | Source | Target | Description |
|---|---|---|---|---|
| 443 | HTTPS | Site Recovery Manager | vCenter Server | Default SSL Web port. |
| 443 | HTTPS | Site Recovery Manager | Platform Services Controller (PSC) | Traffic from Site Recovery Manager Server to local and remote Platform Services Controller. |
| 443 | HTTPS | Site Recovery Manager on the recovery site | Recovery site ESXi host. | Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with configured IP customization, or callout commands on recovered virtual machines. |
| 902 | TCP and UDP | Site Recovery Manager Server on the recovery site. | Recovery site ESXi host. | Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port. |
Site Recovery Manager Server 8.3 network ports
The Site Recovery Manager Server instances on the protected and recovery sites require certain ports to be open.
| Default Port | Protocol or Description | Source | Target | Endpoints or Consumers |
|---|---|---|---|---|
| 443 | HTTPS | Site Recovery Manager HTML 5 user interface | Site Recovery Manager | Default port for the Site Recovery Manager HTML 5 user interface. |
| 443 | HTTPS | Site Recovery Manager | vCenter Server | Default SSL Web Port for incoming TCP traffic. |
| 443 | HTTPS | Site Recovery Manager | Platform Services Controller | Traffic from Site Recovery Manager Server to local and remote Platform Services Controller. |
| 443 | HTTPS | Site Recovery Manager on the recovery site | Recovery site ESXi host. | Traffic from the Site Recovery Manager Server on the recovery site toESXi hosts when recovering or testing virtual machines with configured IP customization, or callout commands on recovered virtual machines. |
| 443 | HTTPS | vSphere Web Client | Site Recovery Manager Appliance | All management traffic to Site Recovery Manager Server Appliance goes to this port. This includes traffic by external API clients for task automation and HTTPS interface for downloading the UI plug-in and icons. This port must be accessible from the vCenter Server proxy system. Used by vSphere Web Client to download the Site Recovery Manager client plug-in. |
| 902 | TCP and UDP | Site Recovery Manager Server on the recovery site. | Recovery site ESXi host. | Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port. |
| 1433 | TCP | Site Recovery Manager | Microsoft SQL Server | Site Recovery Manager connectivity to Microsoft SQL Server (for Site Recovery Manager database) |
| 1521 | TCP | Site Recovery Manager | Oracle Database Server | Site Recovery Manager database connectivity to Oracle. |
| 1526 | TCP | Site Recovery Manager | Oracle Database Server | Site Recovery Manager database connectivity to Oracle. |
| 5480 | HTTPS | Web Browser | Site Recovery Manager Appliance | Site Recovery Manager Appliance Management Interface |
| 9086 | HTTPS | vSphere Web Client | Site Recovery Manager | All management traffic to Site Recovery Manager Server goes to this port. This includes traffic by external API clients for task automation and HTTPS interface for downloading the UI plug-in and icons. This port must be accessible from the vCenter Server proxy system. Used by vSphere Web Client to download the Site Recovery Manager client plug-in. |
Site Pairing Port Requirements
| Port | Protocol | Source | Target | Description |
|---|---|---|---|---|
| 9086 | HTTPS | vCenter Server | Site Recovery Manager Server | vCenter Server and target Site Recovery Manager communication. |
| 9086 | HTTPS | Site Recovery Manager Server | Site Recovery Manager Server on target site | Bi-directional communication between Site Recovery Manager servers. |
| 443 | HTTPS | vCenter Server | Site Recovery Manager Server Appliance | vCenter Server and target Site Recovery Manager Appliance communication. |
| 443 | HTTPS | Site Recovery Manager Server Appliance | Site Recovery Manager Server Appliance on target site | Bi-directional communication between Site Recovery Manager Appliance servers. |
| 443 | HTTPS | Site Recovery Manager | Platform Services Controller and vCenter Server | Site Recovery Manager to vCenter Server communication - local and remote. |
Network ports that must be open on Site Recovery Manager and vSphere Replication Protected and Recovery sites
Site Recovery Manager and vSphere Replication require that the protected and recovery sites can communicate.
| Port | Protocol or Description | Source | Target | Endpoints or Consumers |
|---|---|---|---|---|
| 31031 | Initial replication traffic | ESXi host | vSphere Replication appliance on the recovery site | From the ESXi host at the protected site to the vSphere Replication appliance at the recovery site |
| 32032 | TCP | ESXi host on the source site | vSphere Replication server at the target site | Initial and outgoing replication traffic from the ESXi host at the source site to the vSphere Replication appliance or vSphere Replication server at the target site for replication traffic with network encryption. |
| 8043 | HTTPS | Site Recovery Manager | vSphere Replication appliance on the recovery and protected sites | Management traffic between Site Recovery Manager instances and vSphere Replication appliances. |