In an environment with firewalls, the vCenter, ESX servers, and Virtual Server Agent must be able to communicate with each other. To ensure that all components can communicate through the firewall, ensure that the ports for web services (default: 443) and TCP/IP (default: 902) are opened for communication on each of these machines.
Additional port requirements can apply for the MediaAgent when you use specific features such as Live Browse, Live File Recovery, and Live Mount. For more information, see Entering Required Firewall Settings.
Prior to performing any backup or restore operations, ensure that the following port requirements are met.
Note
If a non-default port is used with VDDK 5.5, backup or restore operations can fail. See KB Article VMW0013.
vCenter
Port for web service (default: 443) must be opened. If vCenter is configured to use non-default ports, the non-default ports must also be opened.
ESX Server
Ports for web service (default: 443) and TCP/IP (default: 902) must be opened for the vStorage APIs for Data Protection.
vCloud Director
A port for the vCloud REST API (default: 443) must be opened.
Subclient with Multiple Proxies
If you are using multiple proxies in a single subclient, open the CVD port (by default 8400) for all proxies in the subclient, to enable the coordinator node and other proxies to communicate. The CVD port is used to establish communication between proxies using a randomly selected port; to enable communication between proxies you must configure the Commvault firewall.