Home > Blogs > VMware Consulting Blog


VMware Horizon 6 (View) Firewall and Network Ports Visualized

Ray Heffer
By Ray Heffer, VCDX#122, VMware EUC Architect

Back in April 2012, I posted on my blog my original Horizon View network firewall ports diagram. Over the past two years, it’s been used widely both internally at VMware and in the community. Since Horizon 6 just recently released, I thought I’d create a brand new full size diagram to include Cloud Pod Architecture. This updated diagram contains a better layout and a new color theme to boot!  This image is 3767 x 2355 pixels, so simply click it to enlarge then ‘Save Image’ to get the full size HD version.

You’ll notice the addition of VIPA (View inter-pod API) and ADLDS port 22389 which are both used for Cloud Pod Architecture. Bear in mind that between your View Pods, you will still require the usual Active Directory ports.

Horizon 6 Firewall Diagram

Key Firewall Considerations for VMware Horizon 6

  • TCP 8472: View interpod API (Cloud Pod Architecture) – NEW
  • TCP 22389: Global ADLDS (Cloud Pod Architecture) – NEW
  • HTTPS (443): Horizon Client access, authentication and RDP tunnel (HTTPS Secure Gateway)
  • HTTPS (8443): Used by HTML Access (Blast)
  • HTTPS (22443): HTML Access (Blast) to Virtual Desktops
  • TCP 9427: Used by Windows multimedia redirection (MMR)
  • TCP 32111: USB Redirection
  • ESP (Protocol 50) used for Security Server and Connection Server IPSEC communication (requires Windows firewall with Advanced Security to be enabled)
  • UDP 500: IPsec negotiation for Security Server and Connection Server communication and pairing.

For a full list of network ports please refer to the latest Horizon 6 documentation: https://www.vmware.com/support/pubs/view_pubs.html


Ray Heffer is an EUC Architect working at VMware and a double VCDX with both VCDX-DCV (Data Center) and VCDX-DT (Desktop). Previously part of the VMware Professional Services team as a Senior Consultant, Ray now works for the Desktop Technical Product Marketing BU at VMware. Ray joined the IT industry in 1997 as a Unix admin, before focusing on end user computing with Citrix MetaFrame and Terminal Services in the early days. In 2004 Ray joined an ISP providing managed hosting and Linux web applications, but soon discovered VMware ESX 2.5 (and GSX!) and passed his first VCP in 2007. Ray has many years of complex infrastructure design and delivery including the integration of VCE Vblock for both EUC and Cloud, and two highly successful 10,000+ user VMware Horizon View design and implementation engagements. This post originally appeared on Ray’s blog. Follow Ray on Twitter @rayheffer.

11 thoughts on “VMware Horizon 6 (View) Firewall and Network Ports Visualized

  1. Pingback: VMware Horizon 6 (View) Firewall and Network Ports Visualized | VMware Consulting Blog – VMware Blogs | configMgr

  2. Pingback: VMware: Horizon 6, Mapa de Puertos y Firewall » Blog de Jorge de la Cruz

  3. Pingback: [VMware] Horizon 6 View 利用ポートダイアグラム | virtual hive-jp

  4. Travis

    Great diagram! I know you mention the link for the full list of ports. I was wondering is there a reason you left off TCP 902 from Composer to the ESXi Hosts? I’ve been bit by this one before, and just wanted to check. Thanks!

    Reply
  5. Pingback: The Scoop – June Edition | vmnick

  6. Pingback: Making NSX for Horizon 6 More Approachable | VMware End-User Computing Blog - VMware Blogs

  7. Pingback: Making NSX for Horizon 6 More Approachable | VMware SMB Blog - VMware Blogs

  8. Pingback: Fire Wall Design |

  9. mike schreiner

    hi, i am able to connect through PCoIP and RDP, but i can’t connect w/ VMware Blast. All these ports seem to be open. any ideas?

    Reply
  10. Lucas Nguyen

    omg this was amazing..have you do this already admin?

    Reply
  11. vercomicsporno

    but i can’t connect w/ VMware Blast. All these ports seem to be open. any ideas?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*