The operation of Site Recovery Manager requires certain ports to be open.

The components that make up a Site Recovery Manager deployment, namely vCenter Server, vSphere Web Client, Site Recovery Manager Server, the vSphere Replication appliance, and vSphere Replication servers, require different ports to be open. You must ensure that all the required network ports are open for Site Recovery Manager to function correctly.

vCenter Server and ESXi Server network port requirements for Site Recovery Manager 8.5

Site Recovery Manager requires certain ports to be open on vCenter Server, Platform Services Controller, and on ESXi Server.

Default Port Protocol or Description Source Target Description
443 HTTPS Site Recovery Manager vCenter Server Default SSL Web port.
443 HTTPS Site Recovery Manager Platform Services Controller (PSC) Traffic from Site Recovery Manager Server to local and remote Platform Services Controller.
443 HTTPS Site Recovery Manager on the recovery site Recovery site ESXi host. Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with configured IP customization, or callout commands on recovered virtual machines.
902 TCP and UDP Site Recovery Manager Server on the recovery site. Recovery site ESXi host. Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port.

Site Recovery Manager Server 8.5 network ports

The Site Recovery Manager Server instances on the protected and recovery sites require certain ports to be open.

Default Port Protocol or Description Source Target Endpoints or Consumers
443 HTTPS Site Recovery Manager HTML 5 user interface Site Recovery Manager Default port for the Site Recovery Manager HTML 5 user interface.
443 HTTPS Site Recovery Manager HTML 5 user interface Local and remote vCenter Server or all vCenter Server instances in Enhanced Linked Mode on which there is a registered Site Recovery Manager. For more information about Enhanced Linked Mode, see vCenter Enhanced Linked Mode for vCenter Server Appliance in the vCenter Server Installation and Setup documentation. Default port for the Site Recovery Manager HTML 5 user interface. when you open it from the Site Recovery Manager appliance.
443 HTTPS Site Recovery Manager HTML 5 user interface Local and remote Platform Services Controller (PSC) or all Platform Services Controller instances in Enhanced Linked Mode on which there is a registered Site Recovery Manager. Default port for the Site Recovery Manager HTML 5 user interface. when you open it from the Site Recovery Manager appliance.
443 HTTPS Site Recovery Manager vCenter Server Default SSL Web Port for incoming TCP traffic.
443 HTTPS Site Recovery Manager Platform Services Controller Traffic from Site Recovery Manager Server to local and remote Platform Services Controller.
443 HTTPS Site Recovery Manager on the recovery site Recovery site ESXi host. Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with configured IP customization, or callout commands on recovered virtual machines.
443 HTTPS vSphere Web Client Site Recovery Manager Appliance All management traffic to Site Recovery Manager Server goes to this port. This includes traffic by external API clients for task automation and HTTPS interface for downloading the UI plug-in and icons. This port must be accessible from the vCenter Server proxy system. Used by vSphere Web Client to download the Site Recovery Manager client plug-in.
443 TCP Site Recovery Manager Appliance https://vcsa.vmware.com Customer Experience Improvement Program (CEIP) for Site Recovery Manager
902 TCP and UDP Site Recovery Manager Server on the recovery site. Recovery site ESXi host. Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port.
5480 HTTPS Web Browser Site Recovery Manager Appliance Site Recovery Manager Appliance Management Interface

Site Pairing Port Requirements

Port Protocol Source Target Description
443 HTTPS vCenter Server Site Recovery Manager Server vCenter Server and target Site Recovery Manager Appliance communication.
443 HTTPS Site Recovery Manager Server Site Recovery Manager Server on target site Bi-directional communication between Site Recovery Manager servers.
443 HTTPS Site Recovery Manager Platform Services Controller and vCenter Server Site Recovery Manager to vCenter Server communication - local and remote.

Network ports that must be open on Site Recovery Manager and vSphere Replication Protected and Recovery sites

Site Recovery Manager and vSphere Replication require that the protected and recovery sites can communicate.

Port Protocol or Description Source Target Endpoints or Consumers
31031 Initial replication traffic ESXi host vSphere Replication appliance on the recovery site From the ESXi host at the protected site to the vSphere Replication appliance at the recovery site
32032 TCP ESXi host on the source site vSphere Replication server at the target site Initial and outgoing replication traffic from the ESXi host at the source site to the vSphere Replication appliance or vSphere Replication server at the target site for replication traffic with network encryption.
8043 HTTPS Site Recovery Manager vSphere Replication appliance on the recovery and protected sites Management traffic between Site Recovery Manager instances and vSphere Replication appliances.