If you have positioned a firewall between the switches that are planned for VxRail and the rest of your data center network, be sure that the required firewall ports are open for VxRail network traffic.

1. Verify that VxRail can communicate with your DNS server.
2. Verify that VxRail can communicate with your NTP server, if planned for clock synchronization.
3. Verify that VxRail can communicate with your syslog server if you plan to capture logging.
4. Verify that your IT administrators can communicate with the VxRail management system.
5. If you plan to use a customer-managed vCenter, verify open communication between the vCenter instance and the VxRail-managed hosts.
6. If you plan to use a third-party syslog server instead of Log Insight, verify that open communication between the syslog server and the VxRail management components.
7. If you plan to deploy a separate network for ESXi host management (iDRAC), verify that your IT administrators can communicate with the iDRAC network.
8. If you plan to use an external secure connect gateway in your data center instead of the secure connection deployed in the VxRail cluster, verify the open communications between VxRail management and the secure connect gateway.
9. If you are planning to use VMware subscription licenses with VxRail, confirm connectivity to the VMware Cloud from the VMware vCenter Cloud Gateway.

See Appendix D: VxRail Open Ports Requirements for information of VxRail port requirements.