Network Protocols and Ports

This section describes typical settings required for connections between all Veeam MP for VMware infrastructure components, and between the Veeam MP for VMware components and vCenter Server. Veeam MP for VMware data flows are shown in the architecture diagram described in the Veeam MP for VMware Collection Architecture section.

From

To

Protocol

Port

Notes

Collector

vCenter Server

HTTPS

443

Required for the Collector to gather monitoring data.

Note: Check the current API port opened in the vCenter Server. For more information, see the VMware documentation.

VE Service

vCenter Server

HTTPS

443

Required for the Veeam UI to connect to the vCenter Server.

Collector

VE Service

Secured TCP

8084

Required for the VE Service to authenticate the Collectors, receive heartbeats, and distribute licenses and other configurations (you can specify the port number during the setup).

Veeam UI

VE Service

Secured TCP

8084

Required for communications between the VE Service and Veeam UI (you can choose port number during the setup).

Workstation web browser

Veeam UI

HTTP

4430

Required to use the Veeam UI from a remote web browser (you can choose port number during the setup).

Collector

ESXi host

HTTPS

443

This port is optional; use it only if you need to connect the Collector directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture).

VE Service

ESXi host

HTTPS

443

This port is optional; use it only if you need to connect the VE Service directly to a vSphere host (for more information on connections to VMware systems, see Veeam MP for VMware Collection Architecture).

Collector

ESXi host

UDP

514

This port is optional; use it only if Syslog is required. To allow outgoing syslog traffic, open this port in the ESXi host firewall.

Make sure the MTU settings on all ESXi hosts match the MTU settings on the network hardware. Otherwise, the VE Service and Collectors may not be able to connect to the hosts correctly.

If you want to monitor the state of host hardware sensors using the CIM-XML method, open the port 5989 and follow the instructions provided in the Veeam MP for Microsoft System Center Resource Kit Guide, section Veeam VMware Advanced ESXi Hardware Monitoring (CIM-based):

From

To

Protocol

Port

Notes

Collector

ESXi host

HTTP

5989

Required for gathering SMASH hardware sensors using CIM-XML. Connection though a proxy server is not supported; this must be a direct connection.

In addition, the VE Service and Collector use the following types of communication:

From

To

Communication Type

Notes

VE Service

Collector

SMB

This communication type is used to create log bundle for Veeam Customer Support support (if required). Bundle log creation is available through the Veeam UI. The account under which the Veeam UI runs must have, at minimum, read permissions.

VE Service

Collector

RPC

RPC is used to control the Veeam VMware Collector service remotely (to start, stop and restart the service).