Ben Armstrong published a much appreciated post detailing ports used by Microsoft Virtual Server 2005:
When Virtual Server is installed – the installer creates the following exceptions:
- Port 135 for RPC
- The port for the Virtual Server website (usually 1024)
- Any ports opened by the Virtual Server service
When configuring Virtual Server behind an external firewall (software or hardware) you do not have the luxury of just opening ports ‘used by the virtual Server service’ – you need to know which ones to open. The first one is fairly obvious – you will need to open port 5900 for VMRC.
In most situations this will be sufficient. If, however, you are running remote scripts / programs that access the Virtual Server COM interfaces you will also need to open a port for DCOM. Now, normally DCOM uses a random port above 1024. Obviously this is a problem for an external firewall – but it is one that can be easily addressed.
This article: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp explains how to configure DCOM to be restricted to a defined range of ports – which you will then need to open on your firewall.
Be sure to read the original post for updates and comments.