NSX Manager uses certain TCP and UDP ports to communicate with other components and products. These ports must be open in the firewall.
You can use an API call or CLI command to specify custom ports for transferring files (22 is the default) and for exporting Syslog data (514 and 6514 are the defaults). If you do, you will need to configure the firewall accordingly.
Source | Target | Port | Protocol | Description |
---|---|---|---|---|
NSX Managers, NSX Edge nodes, Transport nodes | NSX Manager | 5671, 1234, 1235, 443 | TCP | NSX messaging |
NSX Managers, NSX Edge nodes, Transport nodes, vCenter Server | NSX Manager | 8080 | TCP | Install-upgrade HTTP repository |
NSX Manager | NSX Manager | 9000 5671, 1234, 443, 8080 | TCP | Distributed Datastore |
NSX Manager | DNS Servers | 53 | TCP | DNS |
NSX Manager | DNS Servers | 53 | UDP | DNS |
NSX Manager | Management SCP Servers | 22 | TCP | SSH (upload support bundle, backups, etc.) |
NSX Manager | NTP Servers | 123 | UDP | NTP |
NSX Manager | SNMP Servers | 161, 162 | TCP | SNMP |
NSX Manager | SNMP Servers | 161, 162 | UDP | SNMP |
NSX Manager | Syslog Servers | 514 | TCP | Syslog |
NSX Manager | Syslog Servers | 514 | UDP | Syslog |
NSX Manager | Syslog Servers | 6514 | TCP | Syslog |
NSX Manager | Syslog Servers | 6514 | UDP | Syslog |
NSX Manager | Intermediate and Root CA Servers | 80 | TCP | Syslog (export over TLS)
Note: To verify which TCP port must be used to retrieve the Certificate Revocation Lists (CRLs), verify against the CRL Distribution Point (CDP) URI of the certificate authority.
|
NSX Manager | Traceroute Destination | 33434 - 33523 | UDP | Traceroute |
NSX Manager | vCenter Server | 80 | TCP | NSX Manager to compute manager (vCenter Server) communication, when configured. |
NSX Manager | vCenter Server | 443 | TCP | NSX Manager to compute manager (vCenter Server) communication, when configured. |
NTP Servers | NSX Manager | 123 | UDP | NTP |
Management Clients | NSX Manager | 22 | TCP | SSH (Disabled by default) |
Management Clients | NSX Manager | 443 | TCP | NSX API server |
SNMP Servers | NSX Manager | 161 | UDP | SNMP |