Allow the required TCP access in the site for the correct operation of VMware Cloud Director Availability services.

For a list of the required open firewall ports, see Cloud-Director Availability Network Ports.

Services Connectivity

VMware Cloud Director Availability services must be able to communicate with each other and with the disaster recovery infrastructure.
  • The Cloud Service must have TCP access to the Manager Service, to VMware Cloud Director, to vCenter Server, and to Platform Services Controller, depending on where the vCenter Server Lookup service is hosted.
  • The Manager Service must have TCP access to all the Replicator Services in both local and remote sites, and to the vCenter Server Lookup service.
  • All the Replicator Services must have TCP access to the Manager Service, to vCenter Server, and to the vCenter Server Lookup service.
Note: The VMware Cloud Director Availability services use end-to-end encryption for the communication across sites. For example, when a Replicator Service on site 1 communicates with a Replicator Service on site 2, VMware Cloud Director Availability expects that the TLS session is terminated at each Replicator Service.

VMware Cloud Director Availability does not support any TLS-terminating products or solutions placed between the appliances, for example, HAProxy, Nginx, Fortinet, and others. If such tools are in place, they must be configured in pass-through mode, also known as TCP mode, so that they do not interfere with the TLS traffic of VMware Cloud Director Availability.
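As an added example (not VMware code or tooling), the following Python check reads an HAProxy configuration and reports the proxies that would terminate or re-encrypt TLS instead of passing it through in TCP mode. The sample configuration, proxy names, addresses and ports are constructed, and only the `global`, `defaults`, `frontend`, `backend` and `listen` sections are recognized.

```python
import re
# Constructed sample haproxy.cfg; names, addresses and ports are placeholders.
SAMPLE_CFG = """
defaults
    mode http
frontend vcda_terminating
    bind :8443 ssl crt /etc/haproxy/site.pem
backend vcda_reencrypt
    server app1 192.0.2.10:8443 ssl verify none
listen vcda_passthrough
    mode tcp
    bind :9443
    server app2 192.0.2.11:9443
"""

SECTION = re.compile(r"^(global|defaults|frontend|backend|listen)\b\s*(\S*)")

def audit(cfg_text):
    """Return {proxy: [reasons]} for proxies that would touch the TLS stream."""
    findings, modes = {}, {}
    default_mode = "tcp"  # HAProxy's mode when none is configured
    kind = name = None
    for raw in cfg_text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if not words:
            continue
        m = SECTION.match(raw.strip())
        if m:
            kind, name = m.group(1), m.group(2)
            if kind == "defaults":
                default_mode = "tcp"  # a new defaults section starts fresh
            elif kind != "global":
                modes[name] = default_mode  # inherit until overridden
            continue
        if kind in (None, "global"):
            continue
        if words[0] == "mode" and len(words) > 1:
            if kind == "defaults":
                default_mode = words[1]
            else:
                modes[name] = words[1]
        elif kind != "defaults" and "ssl" in words[1:]:
            if words[0] == "bind":
                findings.setdefault(name, []).append("bind terminates TLS")
            elif words[0] == "server":
                findings.setdefault(name, []).append("server re-encrypts TLS")
    for proxy, mode in modes.items():
        if mode != "tcp":  # anything but TCP mode parses the stream
            findings.setdefault(proxy, []).append(f"mode {mode}")
    return findings
```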

For more information and a network diagram that shows the connectivity between all VMware Cloud Director Availability components, see Network Requirements in VMware Cloud Director Availability Installation, Configuration, and Upgrade Guide in the Cloud and in VMware Cloud Director Availability Installation, Configuration, and Upgrade Guide On-Premises.