Какой порт использует vmware
Для многих администраторов, управляющих решением для виртуализации настольных ПК предприятия VMware View, могут оказаться полезными таблицы используемых различными компонентами View портов. Таблицы подготовил Christoph Harding, работник VMware и автор блога That's my View, на основе следующих документов:
Perimeter Firewall Rules (правила между внешним клиентом View и Security Server)
DMZ Firewall Rules (правила между Security Server и Connection Server в демилитаризованной зоне)
| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <CONNECTIONSERVER> | TCP | 8009 | AJP13 | AJP-Data Traffic | Mandatory |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <CONNECTIONSERVER> | TCP | 4001 | JMS | Java Messanging | Mandatory |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <TRANSFERSERVER> | TCP | 80 | HTTP | Used if SSL/HTTPS is not used on the Transfer Server | HTTPS prefered |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <TRANSFERSERVER> | TCP | 443 | HTTPS | Communication with Transfer Server for the Offline Usage of VDIs | |
| <SECURITYSERVER> | <CLIENTPORT> | Both | <VIEWAGENT> | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 3389 | RDP | Remote Desktop Protocol | Optional |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 32111 | USB-Redirection | Optional | |
| <SECURITYSERVER> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 9427 | Multi Media Redirection, RDP-Connections only | Optional |
Connection Server Rules (правила между Connection Server и сервером Active Directory)
Transfer Server Rules (правила связи Transfer Server с клиентами, Security и Connection серверами)
View Agent Rules (связь View Agent в гостевой ОС с клиентом и Connection Server)
| Source IP | Source Port | Direction | Destination IP | Transport Protocol | Dest. Port | Application Protocol | Comment | Type |
|---|---|---|---|---|---|---|---|---|
| <INTERNALCLIENT> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 3389 | RDP | Remote Desktop Protocol | Optional |
| <INTERNALCLIENT> | <CLIENTPORT> | Both | <VIEWAGENT> | UDP | 4172 | PCoIP | PCoIP Data Transmission | Mandatory |
| <INTERNALCLIENT> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 4172 | PCoIP | PCoIP Connection Establishment | Mandatory |
| <INTERNALCLIENT> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 9472 | Multi Media Redirection, RDP-Connections only | Optional | |
| <INTERNALCLIENT> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 32111 | USB-Redirection | Optional | |
| <INTERNALCLIENT> | <CLIENTPORT> | Inbound | <VIEWAGENT> | TCP | 42966 | HP RGS | HP Remote Graphics Server | Optional |
| <VIEWAGENT> | <CLIENTPORT> | Outbound | <CONNECTIONSERVER> | TCP | 4001 | JMS | Java Messanging | Mandatory |
View Client Rules Int (правила для внутреннего клиента View без использования Security Server)
View Client Rules Ext (правила для внешнего клиента View, работающего через Security Server)
This document lists port requirements for connectivity between the various components and servers in a VMware Horizon deployment. This document applies to all versions of Horizon 8 version 2006 onwards.
- For Horizon 7, see Network Ports in VMware Horizon 7 .
- For Horizon Cloud Service on Microsoft Azure, see VMware Horizon Cloud Service on Microsoft Azure Network Ports Diagrams .
The diagram above shows three different client connection types and also includes all display protocols. Different subsets of this diagram are displayed throughout this document. Each subset diagram focuses on a particular connection type and display protocol use.
The embedded diagrams (and those in the pdf) are screen resolution versions. If higher resolution and the ability to zoom is required, for example to print as a poster, click on the desired diagram using the online HTML5 version of this document. This will open a high-resolution version which can be saved, opened in an image viewer, and printed.
This document also contains tables that list all possible ports from a source component to destination components. This does not mean that all of these ports necessarily need to be open. If a component or display protocol is not in use, then the ports associated with it can be omitted. For example, if Blast Extreme is the only display protocol used, the PCoIP and RDP ports need not be opened.
Ports shown are destination ports. The source and destination indicate the direction of traffic initiation.
Horizon UDP protocols are bidirectional. Stateful firewalls should be configured to accept UDP reply datagrams
The Horizon tables and diagrams include connections to the following products, product families, and components:
- vRealize Operations for Horizon VMware App Volumes ™VMware Dynamic Environment Manager ™ (formerly User Environment Manager)
- VMware ESXi ™ VMware ThinApp ®
Client Connections
Network ports for connections between a client (either Horizon Client or a browser) and the various Horizon components vary by whether the connections are internal, external, or tunneled.
Internal Connection
An internal connection is typically used within the internal network. Initial authentication is performed to the Horizon Connection Server, and then the Horizon Client connects directly to the Horizon Agent running in the virtual desktop or RDS Host.
The following table lists network ports for internal connections from a client device to Horizon components. The diagrams following the table show network ports for internal connections, by display protocol.
Source
Destination
Network Protocol
Destination Port
Details
Horizon Client
Horizon Connection Server
Для работы vCenter Server 6.7 и Platform Services Controller используются порты:
WS-Management (also requires port 443 to be open).
Important: You can only change this port number during the vCenter Server and Platform Services Controller installation.
This port must be open on the local and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. If another service is running on this port, it might be preferable to remove it or change its port to a different port. You can run the LDAP service on any port from 1025 through 65535.
If this instance is serving as the Microsoft Windows Active Directory, change the port number from 389 to an available port from 1025 through 65535.
The default port that the vCenter Server system uses to listen for connections from the vSphere Web Client. To enable the vCenter Serversystem to receive data from the vSphere Web Client, open port 443 in the firewall.
The vCenter Server system also uses port 443 to monitor data transfer from SDK clients.
This port is also used for the following services:
- WS-Management (also requires port 80 to be open)
- Third-party network management client connections to vCenter Server
- Third-party network management clients access to hosts
Important: You only can change this port number during the vCenter Server and Platform Services Controller installation.
Important: You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
vCenter Single Sign-On LDAPS
For backward compatibility with vSphere 6.0 only.
During upgrade from vSphere 6.0 only.
vCenter Server 6.0 to Platform Services Controller 6.5
The default port that the vCenter Server system uses to send data to managed hosts. Managed hosts also send a regular heartbeat over UDP port 902 to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts.
Port 902 must not be blocked between the VMware Host Client and the hosts. The VMware Host Client uses this port to display virtual machine consoles
Important: You can change this port number during the vCenter Server installations on Windows.
Important: You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
Important: You can change this port number during the Platform Services Controller installations on Windows.
Important: You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
Appliance Management Interface
Important: You can change this port number during the vCenter Server installations on Windows.
Important: You can change this port number during the vCenter Server installations on Windows.
Important: You can change this port number during the vCenter Server installations on Windows.
Note: Internal ports
Note: Internal port
Note: Internal ports
vSphere Update Manager SOAP port
The port used by vSphere Update Manager client plug-in to connect to the vSphere Update Manager SOAP server.
vSphere Update Manager Web Server Port
vSphere Update Manager Web SSL Port
Читайте также: