Author : Joseph Sciallo
Topic Name : Manage ESXi Firewall Settings
Publication Name : vSphere Security
Product/Version : VMware vSphere/7.0
Question :
Looking to add new allowed ports for a VM in ESXi 7.0 without vSphere client, and I cannot find any documentation.
For opening ports to a VM directly you do not manipulate the firewall within ESXi. This would be something you control from inside the VM just as if it were a physical machine.
Do you have NSX?
Nope.
Are the firewall rules only for the hypervisor?
Basically, in a traditional network there are 2 firewalls:
One as a border/perimeter firewall
The other in each of your VMs' guest OS (Windows Firewall, iptables, etc.)
In case you need to filter or allow traffic within the same subnet what you need to do is open ports on the Guest OS firewall.
Please let me know if I can assist.
If you’re not using NSX then you are looking to configure the guest OS firewall the same as you would if the OS were running on a physical system - this would therefore have nothing to do with vSphere.
In such a case, the only way that any VMware software could help you is to invoke a script (of your own creation) via PowerCLI and VMware Tools which runs in the guest OS to set the guest OS's own firewall.
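
The approach described in the last reply, as an added example that is not part of the original thread: a PowerCLI session that uses `Invoke-VMScript` (which requires VMware Tools running in the guest) to add one inbound rule to the guest OS firewall, scoped to a single source subnet. The server name, VM name, port and subnet are constructed placeholders, and the Linux branch assumes the guest uses firewalld.

```powershell
# Added example; all names, addresses and the port are constructed placeholders.
Import-Module VMware.PowerCLI

$server = 'esxi01.example.test'   # ESXi host or vCenter (placeholder)
$vmName = 'app-vm-01'             # target VM (placeholder)
$port   = 8443                    # TCP port to allow (placeholder)
$source = '192.0.2.0/24'          # only this subnet may connect (placeholder)

Connect-VIServer -Server $server -Credential (Get-Credential -Message 'vSphere login') | Out-Null
$guestCred = Get-Credential -Message 'Guest OS administrator login'

try {
    $vm = Get-VM -Name $vmName

    # Invoke-VMScript talks to the guest through VMware Tools, so check it first.
    if ($vm.ExtensionData.Guest.ToolsRunningStatus -ne 'guestToolsRunning') {
        throw "VMware Tools is not running in $vmName"
    }

    # Build the guest-side command for the guest's own firewall.
    if ($vm.Guest.OSFullName -match 'Windows') {
        $type   = 'Powershell'
        $script = "New-NetFirewallRule -DisplayName 'Allow-TCP-$port' -Direction Inbound " +
                  "-Protocol TCP -LocalPort $port -RemoteAddress $source -Action Allow | Out-Null; " +
                  "Get-NetFirewallRule -DisplayName 'Allow-TCP-$port' | " +
                  "Select-Object DisplayName, Enabled, Action"
    } else {
        # Assumption: the Linux guest runs firewalld.
        $type   = 'Bash'
        $script = "firewall-cmd --permanent --add-rich-rule='rule family=ipv4 " +
                  "source address=$source port port=$port protocol=tcp accept' && " +
                  "firewall-cmd --reload && firewall-cmd --list-rich-rules"
    }

    $result = Invoke-VMScript -VM $vm -ScriptText $script -ScriptType $type `
                              -GuestCredential $guestCred

    # A non-zero exit code means the guest command failed; show its output either way.
    if ($result.ExitCode -ne 0) {
        Write-Warning "Guest command failed with exit code $($result.ExitCode)"
    }
    $result.ScriptOutput
}
finally {
    Disconnect-VIServer -Server $server -Confirm:$false
}
```

The rule exists only inside the guest OS; the ESXi host firewall is not changed by any of this.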