When you power on the vSphere Replication appliance, it automatically configures all ESXi hosts in your environment to open TCP ports 10000-10010 for outgoing data transfers.

The vCloud Tunneling Agent in the vSphere Replication appliance uses ports 10000-10010 to receive data from ESXi instances that host replication sources.

If you do not want to have unused open ports on your ESXi hosts, if the number of open ports is insufficient, or if you want to change which ports are open, you can reconfigure your firewall settings.

To change the default ports that are used to transfer replication data from ESXi hosts to the vCloud Tunneling Agent, you must configure each ESXi instance that hosts a replication source virtual machine, and the vCloud Tunneling Agent.

1

Disable the default Replication-to-cloud Traffic rule that is created by the vSphere Replication appliance.

For detailed procedure, see Allow or Deny Access to an ESXi Service or Management Agent with the vSphere Web Client.

2

Create a custom firewall rule on each ESXi server that hosts replication source machines.

See Creating custom firewall rules in VMware ESXi 5.0 (KB 2008226).

3

Enable the custom firewall rule that you created on each ESXi host.

See Allow or Deny Access to an ESXi Service or Management Agent with the vSphere Web Client.

Configure the vCloud Tunneling Agent to use the ports that you configured on ESXi hosts.