I manage a large number of ESXi hosts. These are at remote locations and it’s sometimes extremely difficult for me to gain access to the vSphere console unless we have a site-to-site VPN connection with the client.
One of my recent challenges (hah) was remotely accessing and managing an ESXi console via port forwarding. So, even though it’s generally no problem finding information like this, I struggled finding the ports that pertain only to vSphere remote access. The other articles showed me way too much!
So here it is!

How to port-forward your ESXi host for remote access.

Here I’ve port forwarded the ESXi host on a Meraki MX appliance:
– Note that it is always recommended to do this over a secure VPN rather than open the ports to the world. If you are able to, restrict the scope of allowed remote IPs to your own.
Below lists the TCP and UDP ports, and the purpose and the type of each.

 

Port:
443 (HTTPS)

Type:
TCP (Inbound TCP to ESXi Host)

Purpose:
HTTPS access
vSphere Client access to vCenter Server
vSphere Client Access to ESXi hosts
vSphere Client access to vSphere update Manager

 

Port:
902

Type:
TCP/UDP (Inbound TCP to ESXi host, outgoing TCP from ESXi host, outgoing UDP from the ESXi host.)

Purpose:
vSphere Client access to virtual machine consoles

 

 


Leave a Reply