NSX Manager uses certain TCP and UDP ports to communicate with other components and products. These ports must be open in the firewall.

You can use an API call or CLI command to specify custom ports for transferring files (22 is the default) and for exporting Syslog data (514 and 6514 are the defaults). If you do, you will need to configure the firewall accordingly.

Table 1. TCP and UDP Ports Used by NSX Manager

Source

Target

Port

Protocol

Description

Management Clients

NSX Manager

22

TCP

SSH (Disabled by default)

NTP Servers

NSX Manager

123

UDP

NTP

Management Clients

NSX Manager

443

TCP

NSX API server

SNMP Servers

NSX Manager

161

UDP

SNMP

NSX Controllers, NSX Edge nodes, Transport Nodes, vCenter Server

NSX Manager

8080

TCP

Install-upgrade HTTP repository

NSX Controllers, NSX Edge nodes, Transport Nodes

NSX Manager

5671

TCP

NSX messaging

NSX Manager

Management SCP Servers

22

TCP

SSH (upload support bundle, backups, etc.)

NSX Manager

DNS Servers

53

TCP

DNS

NSX Manager

DNS Servers

53

UDP

DNS

NSX Manager

NTP Servers

123

UDP

NTP

NSX Manager

SNMP Servers

161, 162

TCP

SNMP

NSX Manager

SNMP Servers

161, 162

UDP

SNMP

NSX Manager

Syslog Servers

514

TCP

Syslog

NSX Manager

Syslog Servers

514

UDP

Syslog

NSX Manager

Syslog Servers

6514

TCP

Syslog

NSX Manager

Syslog Servers

6514

UDP

Syslog

NSX Manager

LogInsight Server

9000

TCP

Log Insight agent

NSX Manager

Traceroute Destination

33434 - 33523

UDP

Traceroute

NSX Manager

vCenter Server

80

TCP

NSX Manager to compute manager (vCenter Server) communication, when configured.

NSX Manager

vCenter Server

443

TCP

NSX Manager to compute manager (vCenter Server) communication, when configured.