ESXi hosts and other network components are accessed using predetermined TCP and UDP ports. If you manage network components from outside a firewall, you might be required to reconfigure the firewall to allow access on the appropriate ports.

The table lists TCP and UDP ports, and the purpose and the type of each. Ports that are open by default at installation time are indicated by (Default).

Table 1. TCP and UDP Ports

Port

Purpose

Traffic Type

443 (Default)

HTTPS access

vSphere Client access to vCenter Server

vSphere Client access to ESXi hosts

vSphere Client access to vSphere Update Manager

Incoming TCP to the ESXi host

902 (Default)

vSphere Client access to virtual machine consoles

Incoming TCP to the ESXi host, outgoing TCP from the ESXi host, outgoing UDP from the ESXi host

903

Remote console traffic generated by user access to virtual machines on a specific host.

vSphere Client access to virtual machine consoles

MKS transactions (xinetd/vmware-authd-mks)

Incoming TCP to the ESXi host