I have a requirement to disable the ESXi firewall. Via PowerCLI, the only way I've found is via the Get-Esxcli command. Using Get-EsxCLI the "network.firewall.set" requires 2 parameters be passed, documented as "boolean defaultaction" and "boolean enabled". I've determined (via "esxcli network firewall get") "boolean defaultaction" to be the "Default Action" which if true is "DROP" and if false is "PASS". The "boolean enabled" parameter sets firewall enabled to either true or false.
If the set command is executed and "boolean defaultaction" parameter passed matches the current setting, the command errors, but the firewall enabled parameter does get set. If the "boolean defaultaction" parameter is different, the command completes with no errors.
Example Code:
$esxcli = Get-EsxCli -Vmhost "vmhost.foo"
$esxcli.network.firewall.set($false,$false)
Message: Default action already DROP;
InnerText: Default action already DROPEsxCLI.CLIFault.summary
At line:1 char:29
+ $esxcli.network.firewall.set <<<< ($false,$false)
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorID : MethodInvocationException
Is the method being called correctly? Is there another way of disabling the ESXi firewall via PowerCLI (possibly with Get-View)?
Afaik you have to use $null for parameters that you do not want to set.
$esxcli.network.firewall.set($null,$false)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Afaik you have to use $null for parameters that you do not want to set.
$esxcli.network.firewall.set($null,$false)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
That worked, thanks!