Blademan7
Contributor
Contributor

How do you add new firewall rules in ESXi 7.0?

Author : Joseph Sciallo

URL : http:////docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-9C6D29E6-C58D-41...

Topic Name : Manage ESXi Firewall Settings

Publication Name : vSphere Security

Product/Version : VMware vSphere/7.0

Question :

Looking to add new allowed ports for a VM in ESXi 7.0 without vSphere client, and I cannot find any documentation.

6 Replies
daphnissov
Immortal
Immortal

For opening ports to a VM directly you do not manipulate the firewall within ESXi. This would be something you control from inside the VM just as if it were a physical machine.

nachogonzalez
Expert
Expert

Do you have NSX?

0 Kudos
Blademan7
Contributor
Contributor

Nope.

0 Kudos
Blademan7
Contributor
Contributor

Are the firewall rules only for the hypervisor?

0 Kudos
nachogonzalez
Expert
Expert

Basically in a traditional network there are 2 firewalls
One as a border/perimeter firewall
Other in each of your VMs Guest OS (Windows Firewall, IPtables, etc)


In case you need to filter or allow traffic within the same subnet what you need to do is open ports on the Guest OS firewall.

Please let me know if I can assist

scott28tt
VMware Employee
VMware Employee

If you’re not using NSX then you are looking to configure the guest OS firewall the same as you would if the OS were running on a physical system - this would therefore have nothing to do with vSphere.

In such a case, the only way that any VMware software could help you is to invoke a script (of your own creation) via PowerCLI and VMware Tools which runs in the guest OS to set the guest OSes own firewall.