VMware Cloud Community
smokey008uk
Contributor

Adding an additional syslog port to the ESXi firewall

Hello

Is it possible to add an extra port so syslog can talk on a port other than 514 and 1514 using PowerCLI, or via esxcli, without using vi?

get-vmhost vmhost1.customer.local | Get-VMHostFirewallException | where {$_.Name.StartsWith('syslog')}

Name                 Enabled IncomingPorts  OutgoingPorts  Protocols  ServiceRunning
----                 ------- -------------  -------------  ---------  --------------
syslog               True                   514, 1514      UDP, TCP

While I can view what is currently allowed, I cannot seem to change it, apart from going into the host and editing an XML file with vi. I would rather not have to do this for 40 hosts spread around multiple vCenters.

Does anyone have any tips or pointers? It seems going beyond the default is a wee bit tricky.

kermic
Expert

First impression, this is not going to be a walk in the park :)

Have you looked at these: "Create ESXi Host firewall rules using PowerCli | PS C:>(Get-Virtual).info" and "Adding bespoke firewall rules to ESXi - CormacHogan.com"?

They seem to be covering your issue. Note the comment in Cormac's post, which might help you in making changes persistent after host updates / patching.

Another thing I would consider if I had an Ent+ license: Host Profiles. I guess they could do the trick as well.

Hope this helps.

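An added example, not part of the thread or of either linked article: a PowerCLI audit that extends the query from the question to every host on several vCenters and reports which hosts have an enabled firewall exception allowing outbound traffic on the extra port, so a rollout of a custom rule can be verified. The vCenter names, the port 6514 and the helper `Test-PortListed` are assumptions, as is the handling of port ranges written as `low-high`.

```powershell
# Added example. Assumed values: the vCenter names and the extra port.
$vCenters   = 'vcenter1.customer.local', 'vcenter2.customer.local'  # hypothetical
$targetPort = 6514                                                  # hypothetical

# Hypothetical helper: true when a port string such as "514, 1514"
# (or a range like "8000-8100", an assumed format) covers $Port.
function Test-PortListed {
    param([string]$PortList, [int]$Port)
    foreach ($item in ($PortList -split ',')) {
        $item = $item.Trim()
        if ($item -match '^(\d+)\s*-\s*(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        }
        elseif ($item -match '^\d+$' -and [int]$item -eq $Port) { return $true }
    }
    return $false
}

$report = foreach ($vc in $vCenters) {
    $conn = Connect-VIServer -Server $vc -ErrorAction Stop
    try {
        foreach ($vmhost in (Get-VMHost -Server $conn)) {
            $rules = Get-VMHostFirewallException -VMHost $vmhost
            # Any enabled exception (built-in or custom) that opens the port outbound.
            $allowing = $rules | Where-Object {
                $_.Enabled -and (Test-PortListed $_.OutgoingPorts $targetPort)
            }
            [pscustomobject]@{
                vCenter     = $vc
                VMHost      = $vmhost.Name
                SyslogPorts = ($rules | Where-Object { $_.Name -eq 'syslog' }).OutgoingPorts
                AllowedBy   = ($allowing.Name -join ', ')
                Compliant   = [bool]$allowing
            }
        }
    }
    finally {
        Disconnect-VIServer -Server $conn -Confirm:$false
    }
}

# Non-compliant hosts sort first.
$report | Sort-Object Compliant, vCenter, VMHost | Format-Table -AutoSize
```

Running the same report again after host updates or patching shows whether a custom rule survived, which is the persistence concern raised in the reply.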