This is an archive version of the document. To get the most up-to-date information, see the current version.Used Ports
The following table describes network ports that must be opened to ensure proper communication of components in the Veeam Cloud Connect infrastructure.
From | To | Protocol | Port | Notes |
Cloud gateway | SP backup server | TCP | 6169 | Port on the SP Veeam backup server used to listen to cloud commands from the tenant side. Tenant cloud commands are passed to the Veeam Cloud Connect Service via the cloud gateway. |
Cloud gateway | SP backup repository | TCP | 2500 to 5000 | Default range of ports used as transmission channels for replication jobs. For every TCP connection that a job uses, one port from this range is assigned. |
Cloud gateway | SP backup proxy | TCP | 2500 to 5000 | Default range of ports used as transmission channels for replication jobs. For every TCP connection that a job uses, one port from this range is assigned. |
Cloud gateway | Provider-side network extension appliance | UDP | 1195 | Port used to establish secure VPN connection for network extention during partial site failover. If a tenant has several IP networks, additional odd ports should be opened starting from 1195 — one port per tenant's IP network. For example, a tenant Tenant1 replicates VMs that are connected to 3 IP networks. In the Veeam Cloud Connect infrastructure, the SP deployed a network extension appliance for Tenant1. In this case, the SP needs to open between the network extension appliance and the cloud gateway the following ports: 1195, 1197, 1199. |
Cloud gateway | WAN accelerator | TCP | 6164 | Controlling port for RPC calls. |
TCP | 6165 | Default port used for data transfer between WAN accelerators. | ||
Provider-side network extension appliance | Cloud gateway | UDP | 1195 | Port used to establish secure VPN connection for network extention during partial site failover. If a tenant has several IP networks, additional odd ports should be opened starting from 1195 — one port per tenant's IP network. For example, a tenant Tenant1 replicates VMs that are connected to 3 IP networks. In the Veeam Cloud Connect infrastructure, the SP deployed a network extension appliance for Tenant1. In this case, the SP needs to open between the network extension appliance and the cloud gateway the following ports: 1195, 1197, 1199. |
SP backup server | Cloud gateway | TCP | 6168 | Port on the cloud gateway used to listen for cloud commands from the Veeam Cloud Connect Service. The service cloud commands from the Veeam Cloud Connect Service are sent to set up, delete and check the status of data transport channels between tenants and the cloud repository. |
SP backup server | Provider-side network extension appliance | TCP | 22 | Port used for communication with the network extension appliance. |
Tenant backup server | Cloud gateway | TCP and UDP | 6180 | Port on the cloud gateway used to transport VM data from the tenant side to the cloud repository. |
Tenant backup server | Tenant-side network extension appliance | TCP | 22 | Port used for communication with the network extension appliance. |
Tenant-side network extension appliance | Cloud gateway | TCP and UDP | 6180 | Port used to carry tenant VM traffic from the tenant network extension appliance to the SP network extension appliance through the cloud gateway. |
Tenant backup proxy (VMware vSphere) or Hyper-V server/off-host backup proxy (Microsoft Hyper-V) | Cloud gateway | TCP and UDP | 6180 | Port used for VM data transport to the cloud repository by backup jobs. |
Tenant backup repository (Microsoft Windows server/ Linux server/ gateway (for CIFS share) | Cloud gateway | TCP and UDP | 6180 | Port used for VM data transport to the cloud repository by backup copy jobs. |
Tenant remote Veeam Backup & Replication console | Cloud gateway | TCP and UDP | 6180 | Port used for communication with the SP Veeam Cloud Connect Service. |
Backup server | Backup server | TCP | 10003 | Port used for communication with the Veeam Backup Service (locally on the backup server). |
Tenant desktop computer or portable device | Veeam Cloud Connect Portal | TCP | 6443 | Port used for accessing Veeam Cloud Connect Portal by tenants. Veeam Cloud Connect Portal is installed on the SP Veeam Backup Enterprise Manager server as an optional component. It should be published on the internet by the SP administrator. |
To learn what ports are required for other components in the Veeam Cloud Connect infrastructure, see the Ports section in Veeam Backup & Replication User Guide at: https://www.veeam.com/documentation-guides-datasheets.html.