Network Protocols and Ports

In this article

    This section describes typical settings required for connections between all Veeam MP for VMware infrastructure components, and between the Veeam MP for VMware components and vCenter Server. Veeam MP for VMware data flows are shown in the architecture diagram described in the Veeam MP for VMware Collection Architecture section.

    From

    To

    Protocol

    Port

    Notes

    Collector

    vCenter Server

    HTTPS

    443

    Required for the Collector to gather monitoring data.

    Note: Check the current API port opened in the vCenter Server. For more information, see the VMware documentation.

    VE Service

    vCenter Server

    HTTPS

    443

    Required for the Veeam UI to connect to the vCenter Server.

    Collector

    VE Service

    Secured TCP

    8084

    Required for the VE Service to authenticate the Collectors, receive heartbeats, and distribute licenses and other configuration (you can specify the port number during the setup).

    Veeam UI

    VE Service

    Secured TCP

    8084

    Required for communications between the VE Service and Veeam UI (you can choose port number during the setup).

    Workstation web browser

    Veeam UI

    HTTP

    4430

    Required to use the Veeam UI from a remote web browser (you can choose port number during the setup).

    Collector

    ESXi host

    HTTPS

    443

    This port is optional; use it only if you need to connect the Collector directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture).

    VE Service

    ESXi host

    HTTPS

    443

    This port is optional; use it only if you need to connect the VE Service directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture).

    Collector

    ESXi host

    UDP

    514

    This port is optional; use it only if Syslog is required. To allow outgoing syslog traffic, open this port in the ESXi host firewall.

    Make sure the MTU settings on all ESXi hosts match the MTU settings on the network hardware. Otherwise, the VE Service and Collectors may not be able to connect to the hosts correctly.

    If you want to monitor the state of host hardware sensors using the CIM-XML method, open the port 5989 and follow the instructions provided in the Veeam MP for Microsoft System Center Resource Kit Guide, section Veeam VMware Advanced ESXi Hardware Monitoring (CIM-based):

    From

    To

    Protocol

    Port

    Notes

    Collector

    ESXi host

    HTTP

    5989

    Required for gathering SMASH hardware sensors via CIM-XML. Connection though a proxy server is not supported; this must be a direct connection.

    In addition, the VE Service and Collector use the following types of communication:

    From

    To

    Communication Type

    Notes

    VE Service

    Collector

    SMB

    This communication type is used to create log bundle for Veeam Customer Support support (if required). Bundle log creation is available through the Veeam UI. The account under which the Veeam UI runs must have, at minimum, read permissions.

    VE Service

    Collector

    RPC

    RPC is used to control the Veeam VMware Collector service remotely (to start, stop and restart the service).