I'm attempting to open a specific TCP port on the firewall on vCenter Server Appliance 6.0. I found the documentation here but it doesn't seem to allow me to specify a port. When I telnet to my VCSA from the specified IP address the port times out.
root@<server>:~ # telnet <vcsa> <tcp port>
Trying <vcsa>...
telnet: connect to address <vcsa>: Operation timed out
telnet: Unable to connect to remote host
Hi,
Which specific port can you not access? VCSA services are listening on the following ports:
VMware KB: Required ports for vCenter Server Appliance 5.x
If you want to verify which services are listening on which ports, use "lsof -i" in the VCSA console
or perform a remote scan with nmap, etc.
Regarding firewall configuration and defining which IPs/ports are allowed or not, refer to this KB:
VMware KB: Updating the vCenter Server Appliance (vCSA) firewall rules to DISA STIG compliance
Trying to access port 10050.
The documentation you linked is for VCSA 5.1 and 5.5, not 6.0, but thanks though.
I can't really fathom that it's not possible to gain control over the firewall configuration. Then again it is hardened.
The trick turned out to be using the IPTABLES command
First, thanks for the tip!
But... it seems not to be persistent across reboot?
EDIT: perhaps adding a file with the right format in /etc/vmware/appliance/firewall/ should do the trick. Will try to test that.
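One way to apply the iptables approach mentioned in this thread while limiting the rule to a single source address and port (an added example, not a command posted by anyone in the thread). The source address 192.0.2.10 is a constructed placeholder, the function names are hypothetical, and the script assumes an iptables build that supports `-C`.

```shell
#!/bin/sh
# Added example: allow ONE source IP to reach ONE TCP port, without stacking duplicates.
# Port 10050 is the port named in the thread; 192.0.2.10 is a constructed sample address.

valid_port() {
    # Accept only decimal integers in 1..65535.
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() (
    # Accept a dotted quad with each octet in 0..255 (runs in a subshell so IFS stays local).
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -f
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

rule_spec() {
    # Print the rule spec; refuse anything that is not a clean IPv4 address and port,
    # so no shell metacharacters can reach the iptables command line.
    valid_ipv4 "$1" && valid_port "$2" || return 1
    printf '%s\n' "INPUT -p tcp -s $1 --dport $2 -j ACCEPT"
}

open_port() {
    spec=$(rule_spec "$1" "$2") || { echo "invalid source or port" >&2; return 1; }
    # $spec is left unquoted on purpose: it holds only validated digits, dots and fixed flags.
    if iptables -C $spec 2>/dev/null; then
        echo "rule already present"
    else
        # Inserted into the running table only; it is not saved across a reboot.
        iptables -I $spec && echo "rule inserted (runtime only)"
    fi
}

# Usage (as root on the appliance):
#   open_port 192.0.2.10 10050
#   iptables -S INPUT | grep -- '--dport 10050'   # confirm the rule is loaded
```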
