Open up necessary network ports and allow the required protocols on NSX Manager to enable public cloud connectivity.

Allow access to NSX Manager from the Public Cloud

Open up the following network ports and protocols to allow connectivity with your on-prem NSX Manager deployment:

Table 1.
From To Protocol/Port Description
PCG NSX Manager TCP/5671 Inbound traffic from public cloud to on-prem NSX-T Data Center for Management Plane Communication.
PCG NSX Manager TCP/8080 Inbound traffic from public cloud to on-prem NSX-T Data Center for access to an HTTP repository for upgrading NSX Cloudcomponents.
PCG NSX Controller TCP/1234, TCP/1235 Inbound traffic from public cloud to on-prem NSX-T Data Center for Control Plane Communication.
PCG DNS UDP/53 Inbound traffic from public cloud to on-prem NSX-T Data Center DNS, (if you are using the on-prem DNS Server).
CSM PCG TCP/7442 CSM Config Push
Any NSX Manager TCP/443 NSX Manager UI
Any CSM TCP/443 CSM UI.
Important: All NSX-T Data Center infrastructure communication leverages SSL-based encryption. Ensure your firewall allows SSL traffic over non-standard ports.