Network Protocols and Ports
This section describes typical settings required for connections between all Veeam MP for VMware infrastructure components, and between the Veeam MP for VMware components and vCenter Server. Veeam MP for VMware data flows are shown in the architecture diagram described in the Veeam MP for VMware Collection Architecture section.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Collector | vCenter Server | HTTPS | 443 | Required for the Collector to gather monitoring data. Note: Check the current API port opened in the vCenter Server. For more information, see the VMware documentation. |
VE Service | vCenter Server | HTTPS | 443 | Required for the Veeam UI to connect to the vCenter Server. |
Collector | VE Service | Secured TCP | 8084 | Required for the VE Service to authenticate the Collectors, receive heartbeats, and distribute licenses and other configurations (you can specify the port number during the setup). |
Veeam UI | VE Service | Secured TCP | 8084 | Required for communications between the VE Service and Veeam UI (you can choose port number during the setup). |
Workstation web browser | Veeam UI | HTTP | 4430 | Required to use the Veeam UI from a remote web browser (you can choose port number during the setup). |
Collector | ESXi host | HTTPS | 443 | This port is optional; use it only if you need to connect the Collector directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture). |
VE Service | ESXi host | HTTPS | 443 | This port is optional; use it only if you need to connect the VE Service directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture). |
Collector | ESXi host | UDP | 514 | This port is optional; use it only if Syslog is required. To allow outgoing syslog traffic, open this port in the ESXi host firewall. |
Make sure the MTU settings on all ESXi hosts match the MTU settings on the network hardware. Otherwise, the VE Service and Collectors may not be able to connect to the hosts correctly.
If you want to monitor the state of host hardware sensors using the CIM-XML method, open the port 5989 and follow the instructions provided in the Veeam MP for Microsoft System Center Resource Kit Guide, section Veeam VMware Advanced ESXi Hardware Monitoring (CIM-based):
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Collector | ESXi host | HTTP | 5989 | Required for gathering SMASH hardware sensors using CIM-XML. Connection though a proxy server is not supported; this must be a direct connection. |
In addition, the VE Service and Collector use the following types of communication:
From | To | Communication Type | Notes |
|---|---|---|---|
VE Service | Collector | SMB | This communication type is used to create log bundle for Veeam Customer Support support (if required). Bundle log creation is available through the Veeam UI. The account under which the Veeam UI runs must have, at minimum, read permissions. |
VE Service | Collector | RPC | RPC is used to control the Veeam VMware Collector service remotely (to start, stop and restart the service). |