Connecting to a Browser-Based Virtual Machine Console Through the vSphere Client

When you are connecting with the vSphere Client, you always connect to the vCenter Server system that manages the ESXi host, and access the virtual machine console from there.

If you are using the vSphere Client and connecting to a browser-based virtual machine console, the following access must be possible:

• The firewall must allow vSphere Client to access vCenter Server on port 443.
• The firewall must allow vCenter Server to access the ESXi host on port 902.

Connecting to a VMware Remote Console Through the vSphere Client

If you are using the vSphere Client and connecting to a VMware Remote Console (VMRC), the following access must be possible:

• The firewall must allow the vSphere Client to access vCenter Server on port 443.
• The firewall must allow the VMRC to access vCenter Server on port 443 and to access the ESXi host on port 902 for VMRC versions before 11.0, and port 443 for VMRC version 11.0 and greater. For more information about VMRC version 11.0 and ESXi port requirements, see the VMware knowledge base article at https://kb.vmware.com/s/article/76672.

Connecting to ESXi Hosts Directly with the VMware Host Client

The firewall must allow access to the ESXi host on ports 443 and 902.

The VMware Host Client uses port 902 to provide a connection for guest operating system MKS activities on virtual machines. It is through this port that users interact with the guest operating systems and applications of the virtual machine. VMware does not support configuring a different port for this function.