Ensure that the following requirements are met to allow migration with vMotion between your on-premises data center and cloud SDDC.

On-premises to cloud SDDC connectivity

Migration with vMotion requires connectivity between the vMotion VMkernel networks on the ESXi hosts in your on-premises and cloud data centers, provided by an Amazon Direct Connect connection with a private virtual interface configured, and an IPsec VPN connection to the management gateway. See Set Up an AWS Direct Connect Connection.

Sustained minimum bandwidth of 250 Mbps must be attainable between source and destination vMotion vMkernel interfaces for successful migration with vMotion.

Layer 2 VPN

Layer 2 VPN allows the same networks to be extended from the on-premises network to the cloud SDDC, and allows virtual machines to retain the same IP address after migration with vMotion. Configure a Layer 2 VPN to extend virtual machine networks between your on-premises data center and cloud SDDC. Routed networks are not supported. See Configure a Layer 2 VPN.

Firewall Rules

Ensure that the following firewall rule are onfigured in the VMC Console. If there are firewalls in your on-premises data path, you must also create corresponding firewall rules there to allow traffic.

Use Cases




Provide access to vCenter Server from the on premises.

Use for general vSphere Client access as well as for monitoring vCenter Server


remote (on-premises) vSphere Client IP address


Allow outbound vCenter Server access to on-premises vCenter Server.

Any (All Traffic)


remote (on-premises) vCenter Server IP address

Allow SSO vCenter Server

SSO (TCP 7444)

remote (on-premises) Platform Services Controller IP address


ESXi NFC traffic

Provisioning (TCP 902)

remote (on-premises) ESXi VMkernel networks used for NFC.


Allow outbound ESXi access to on-premises ESXi.

Any (All Traffic)


remote (on-premises) ESXi management VMkernel networks

Allow vMotion traffic.

vMotion (TCP 8000)

remote (on-premises) ESXi vMotion VMkernel networks


Hybrid Linked Mode

Configure Hybrid Linked Mode between your on-premises data center and cloud SDDC. See Hybrid Linked Mode.

Virtual Switches

Ensure that these requirements are met for virtual switches.

  • If your VMs use standard switches, you can migrate them to your cloud SDDC with vMotion, but you can't migrate them back to your on-premises data center with vMotion. Use distributed virtual switches to allow migration with vMotion in both directions.

  • The distributed virtual switch version used in the on-premises data center must be version 6.0, in order to match with what is used in the cloud SDDC.

Virtual Machine Hardware and Settings

Ensure that these requirements are met for virtual machine hardware.

  • Virtual machine hardware version 9 or later is required for migration with vMotion from the on-premises data center to the cloud SDDC.

  • EVC is not supported in the VMware Cloud on AWS SDDC.

  • VMs that are created in the cloud SDDC or that have been power-cycled after migration to the cloud SDDC can't be migrated back to the on-premises data center with vMotion unless the on-premises EVC baseline is Broadwell. You can relocate these VMs after powering them off, as long as their virtual machine hardware version is compatible with the on-premises data center.

  • Migration of VMs with DRS or HA VM overrides is not supported. For more information on VM overrides, see Customize an Individual Virtual Machine.