dantidote
Contributor
Contributor

vprobeserver firewall rule. What is it?

We're building ESXi 5.0 U2 hosts, and upon disabling maintenance mode, the HA agent is installed, and a firewall rule called 'vprobeserver' is created on some hosts. Google can't explain where this rule is coming from. It's causing issued with host profiles, as the rule doesn't appear on all the hosts. Any thoughts?

0 Kudos
2 Replies
magander
Enthusiast
Enthusiast

Have you verified the ESXi firewall configuration? I had the same issue and found that the firewall rule "vprobeServer" (poty 57007) was either open or closed. Do you have the firewall rule at all on all your ESXi hosts?

Should look like the below in the esx.conf file inte the /etc/vmware directory:

/etc/vmware/esx.conf:/firewall/services/vprobeServer/allowedall = "X"

/etc/vmware/esx.conf:/firewall/services/vprobeServer/enabled = "X"

X is either true or false.

//Magnus

0 Kudos
VirendraYadav
Contributor
Contributor

Hi,

This issue is related to conflict between host profile attached and the host scanned against the profile. Please check the scanned host - there will be an option of vprobserver under following -

ESXi->Configuration->Security Profile->Firewal Properties->Open properties and scroll to ungrouped lebels. There you can find one tick box for vprobserver - Incoming port 57007. Tick or untick as per your reference host selected for host profile or if any exceptions in firewall.

Caution : Before untick selection, Please make sure that the port is not being used in your environment. For my hosts it is not required, and I have deselected it from my ESXi firewall whereas the daemon is running.

Hope this can help you!

Thanks!

Virendra Yadav.

0 Kudos