The following are the firewall rules that need to be enabled to configure VM Monitoring *from the host*. Note that you do not need to enable any firewall rules if you configure VM Monitoring directly in the guest. To configure VM Monitoring directly in the guest - Install the Failover Clustering management tools in the guest and then use the Add-ClusterVMMonitoredItem PowerShell cmdlet in the guest:
Echo Request - ICMPv4-In - Inbound rule. Echo Request messages are sent as ping requests to other nodes. ICMPv4 Protocal #: 1 Local ports: All ports
Echo Request - ICMPv6-In - Inbound rule. Echo Request messages are sent as ping requests to other nodes. ICMPv6 Protocal #:58 Local ports: All ports
NB-Session-In Inbound rule to allow NetBIOS Session Service connections. [TCP 139] TCP Protocal #:6 Local ports:139
RPC Inbound rule for the Task Scheduler service to be remotely managed via RPC/TCP. TCP Protocal #:6 Local ports:RPC Dynamic Ports
DCOM-In Inbound rule to allow DCOM traffic for remote Windows Management Instrumentation. [TCP 135] TCP Protocal #:6 Local ports:135