VMware Horizon 6 (View) Firewall & Network Ports

Posted on 20 Jun 2014 by Ray Heffer

Updated (July 3rd 2014): Even higher resolution, includes RDS (Remote Desktop Session) hosts, Workspace Portal, MMR and correct PCoIP ports (TCP and UDP)

Back in April 2012 I posted my original View network firewall ports diagram, and it’s been used widely both internally at VMware and in the community. Since Horizon 6 launched this week I thought I’d create a brand new full size diagram to include Cloud Pod Architecture. This updated diagram contains a better layout and a new color theme to boot! This image is 3767 x 2355 pixels, so simply click to enlarge then ‘Save Image’ to get the full size HD version.

You’ll notice the addition of VIPA (View inter-pod API) and ADLDS port 22389 which are both used for Cloud Pod Architecture. Bear in mind that between your View Pods, you will still require the usual Active Directory ports.

Key Firewall Considerations for VMware Horizon 6

• TCP 8472: View interpod API (Cloud Pod Architecture) – NEW
• TCP 22389: Global ADLDS (Cloud Pod Architecture) – NEW
• HTTPS (443): Horizon Client access, authentication and RDP tunnel (HTTPS Secure Gateway)
• HTTPS (8443): Used by HTML Access (Blast)
• HTTPS (22443): HTML Access (Blast) to Virtual Desktops
• TCP 9427: Used by Windows multimedia redirection (MMR)
• TCP 32111: USB Redirection
• ESP (Protocol 50) used for Security Server and Connection Server IPSEC communication (requires Windows firewall with Advanced Security to be enabled)
• UDP 500: IPsec negotiation for Security Server and Connection Server communication and pairing.

For a full list of network ports please refer to the latest Horizon 6 documentation.