NSX Edge uses certain TCP and UDP ports to communicate with other components and products. These ports must be open in the firewall.

You can use an API call or CLI command to specify custom ports for transferring files (22 is the default) and for exporting Syslog data (514 and 6514 are the defaults). If you do, you will need to configure the firewall accordingly.

Table 1. TCP and UDP Ports Used by NSX Edge

Source

Target

Port

Protocol

Description

Any

Edge

22

TCP

SSH (Disabled by default)

Any

Edge

123

UDP

NTP

Any

Edge

161

UDP

SNMP

Any

Edge

67, 68

UDP

DHCP

Any

Edge

1167

TCP

DHCP backend

Any

Edge

3784, 3785

UDP

BFD

Any

Edge

5555

TCP

Public cloud

Any

Edge

6666

TCP

Public cloud

Any

Edge

8080

TCP

NAPI, NSX-T upgrade

Any

Edge

2480

TCP

Nestdb

Edge

Any

22

TCP

SSH

Edge

Any

53

UDP

DNS

Edge

Any

80

TCP

HTTP

Edge

Any

123

UDP

NTP

Edge

Any

161, 162

UDP

SNMP

Edge

Any

161, 162

TCP

SNMP

Edge

Any

179

TCP

BGP

Edge

Any

443

TCP

HTTPS

Edge

Any

514

TCP

Syslog

Edge

Any

514

UDP

Syslog

Edge

Any

1167

TCP

DHCP backend

Edge

Any

1234

TCP

netcpa

Edge

Any

3000 - 9000

TCP

Metadata proxy

Edge

Any

5671

TCP

NSX messaging

Edge

Any

6514

TCP

Syslog over TLS

Edge

Any

33434 - 33523

UDP

Traceroute

Edge

Edge

50263

UDP

High-Availability