The infrastructure parts, such as vCenter, ESXi, NSX, etc., typically share a network. After that, they can connect with one another without going through routers or firewalls inside the same subnet.
VMware Products and Solutions Ports to check https://ports.esp.vmware.com/
In this article, Just find out which ports are needed for example NSX-T
It is possible to apply filters and select the rules by version and specific object.
Once the filters have been applied, it is also possible to export the list in pdf and excel
By filtering with version 3.2 and source Manager we obtain the list of rules needed by NSX Manager to communicate with all the objects it needs.
I summarize them below, the source is obviously the NSX Managers ip:
NOTE : these are the ports needed by NSX, ESXi hosts will clearly need other ports for normal operation (NPT, DNS, SSH, etc.)
Some rules may seem redundant but remember that you have to distinguish between objects that start the session and their destinations, sometimes you need rules that allow traffic on both sides on the same ports.