The DRaaS Connector has several system and network requirements.

vSphere and VMware Cloud on AWS Compatibility

For the most current information on vSphere and VMware Cloud on AWS compatibility with the service, see the VMware product interopability matrix.

For configuration limits of the service, see VMware Cloud DR configuration limits.

DRaaS Connector System Requirements

To deploy the DRaaS Connector VM, make sure that the vSphere host where you deploy it has the following available resources for the VM.
Site Resources Value
VMware vCenter See the VMware Interoperability Matrix for the latest supported versions.
CPU 8 GHz (reserved)
RAM 12 GiB (reserved)
Disk 100 GiB virtual disk
Network connectivity


If you deploy more than one DRaaS Connector, deploy only one connector VM per-host.

Note: VMware Cloud DR does not support an internet proxy server between the DRaaS Connector and the cloud.
Note: If the DRaaS Connector becomes unregistered, delete the VM and re-deploy the connector VM as an OVF. Do not use the vCenter datastore browser to register the connector.

DRaaS Connector Deployment Considerations

Consider the following suggestions when deploying the DRaaS Connector on your protected site.
Note: These suggestions are not operational scale limits.
  • Deploy one DRaaS Connector for every 250 VMs total in the protected site’s vCenter inventory, counting all VMs in vCenter, protected or not. If you have 1000 VMs, you do not have to deploy more than four DRaaS Connectors (although there is no harm in deploying additional DRaaS Connectors). You can add connectors as needed. You need not commit to a particular number of connectors up front.
  • Deploy only one DRaaS Connector on a single host.
  • Deploy at least two connectors per-protected site, for redundancy.
  • Sites with more 10,000 VMs might exhibit some responsiveness issues with the VMware Cloud DR UI, such as slow loading of pages or windows when previewing protection group VM membership, creating and editing recovery plans, and during plan compliance checking.
  • VMware Cloud DR supports protecting up to 6000 VMs on a site with a single vCenter. To protect up to 6000 VMs in a single vCenter, you need four separate protected sites, each with its own cloud file system (four cloud file systems).

DRaaS Connector Networking Requirements

The DRaaS Connector requires the following open outbound ports listed in the diagram in your network to allow connector traffic. See Service Public IP Addresses for how to find the public IP addresses of the Orchestrator and the cloud file system.

Network flow diagram showing outbound ports that need to be open in your network to allow DRaaS ConnectorDRaaS Connector communication.

Table 1. Open Ports Required for the DRaaS Connector
Protocol Port Source Destination Service Description Classification
Protected site
TCP 443 DRaaS Connector

vCenter Server

(on-premises site or SDDC)

vCenter web service Outbound
TCP 80 DRaaS Connector

vCenter Server

(on-premises site only)

vCenter web service Outbound
TCP 902 DRaaS Connector

ESXi Management IP address

(on-premises site only)

Reading/writing vdisks Outbound
TCP 1492 ESXi hosts

DRaaS Connector

(For on-premises sites. For SDDC sites, this outbound rule for ESXi hosts is already configured.)

For high-frequency snapshots, reading/writing vdisks. Inbound
VMware Cloud DR
TCP 443 DRaaS Connector

Cloud file system

Encrypted tunnel for data transfers and metadata operations Outbound
TCP 443 DRaaS Connector Orchestrator Management service Outbound
TCP 443 DRaaS Connector VMware auto-support server Support service Outbound

Existing Customers: Actions Required Before and After Next 2022 Release

If you are an existing VMware Cloud DR customer (you have been using the service prior to the April 2022 release), you must make important port configuration changes to the DRaaS Connector. These changes require action before the next non patch VMware Cloud DR release. VMware Technical Services will notify you when these changes must be made by to ensure the service remains running after the upgrade.
  1. Before you are upgraded to the April release, open ports 1759 and 443 to both the Orchestrator and cloud file system.
  2. After upgrading to the April release, close ports 22 and 1759 to the Orchestrator.
  3. Next, check to make sure that port 443 is open to the cloud file system.
  4. Then, you can close ports 1759 to the cloud file system.
  5. Optional: If you are using high-frequency snapshots, make sure that you have port 1492 open for inbound connections to the DRaaS Connector.