Few times I faced connectivity problems when I try to connect VMware Horizon Virtual Desktop Infrastructure (VDI). There will be no issue if Windows OS Optimization Tool is used for the Golden Image. Mostly, the organizations have an endpoint protection software in the Golden Image, and the following ports have to be excluded to let the VDI infra works smoothly.
In the following table, I added mostly used ports and protocols by myself. If you want to have this table on your computer as an excel table you can get it by clicking here.
Source | Destination | Ports | Protocols | Purpose |
Horizon Client | Horizon Connection Server | 4172 | TCP/UDP | Tunneled Horizon client device display protocol session initiation via PCoIP Secure Gateway on Connection Server. |
Horizon Client | Horizon Connection Server | 8443 | TCP | Tunneled Horizon client device display protocol session traffic via Blast Secure Gateway on Connection Server. |
Horizon Client | Horizon Connection Server | 443 | TCP | Tunnled Horizon client device login traffic. |
Horizon Client | Horizon Agent | 32111 | TCP | USB redirection for an internal Horizon client device. |
Horizon Client | Horizon Agent | 4172 | TCP/UDP | Internal Horizon client device display protocol session initiation. |
Horizon Client | Horizon Agent | 9427 | TCP | Client drive redirection for an internal Horizon client device. |
Horizon Client | Horizon Agent | 3389 | TCP | Internal Horizon client device display protocol session traffic. |
Horizon Client | Horizon Agent | 22443 | TCP/UDP | Internal Horizon client device display protocol session traffic. |
Horizon Client | Horizon Connection Server | 443 | TCP | Internal Horizon client login and authentication traffic. |
Horizon Agent | Horizon Connection Server | 4002 | TCP | Java Message Service communication. |
Horizon Agent | Horizon Connection Server | 4001 | TCP | Java Message Service communication. |
Horizon Agent | Horizon Connection Server | 389 | TCP | Unmanaged Horizon agent in virtual desktop or RDS host registration. |
Horizon Connection Server | Horizon Agent | 32111 | TCP | – |
Horizon Connection Server | Horizon Agent | 32111 | TCP | One use is for vdmadmin to configure or read from agent. For example, creating a Data Collection Tool (DCT) log bundle. (vdmadmin – A -getDCT…) |
Horizon Connection Server | Horizon Agent | 9427 | TCP | – |
Horizon Connection Server | Horizon Agent | 3389 | TCP | RDP display protocol session traffic tunneled through Connection Server. |
Horizon Connection Server | Horizon Agent | 22443 | TCP | Blast display protocol session traffic tunneled through Connection Server. |
Horizon Connection Server | Horizon Agent | 4174 | TCP/UDP | PCoIP display protocol session initiation tunneled through Connection Server. |
If you want to take a look other ports and protocols of VMware products you can visit their web page which is given below.
https://ports.esp.vmware.com/home/
Thanks for your time and for reading my article. I wish you a good and successful day.
Regards,
Hasan