VMware Cloud Community
Blademan7
Contributor
Contributor
‎10-01-2020 04:21 PM

How do you add new firewall rules in ESXi 7.0?

Author : Joseph Sciallo

URL : http:////docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-9C6D29E6-C58D-41...

Topic Name : Manage ESXi Firewall Settings

Publication Name : vSphere Security

Product/Version : VMware vSphere/7.0

Question :

Looking to add new allowed ports for a VM in ESXi 7.0 without vSphere client, and I cannot find any documentation.

Reply
6 Replies
daphnissov
Immortal
Immortal
‎10-01-2020 04:44 PM

For opening ports to a VM directly you do not manipulate the firewall within ESXi. This would be something you control from inside the VM just as if it were a physical machine.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
Reply
nachogonzalez
Commander
Commander
‎10-02-2020 05:52 AM

Do you have NSX?

Blog Nachogonzalez.com.ar Twitter @nachogon_
Reply
0 Kudos
Blademan7
Contributor
Contributor
‎10-02-2020 12:12 PM

Nope.

Reply
0 Kudos
Blademan7
Contributor
Contributor
‎10-02-2020 12:14 PM

Are the firewall rules only for the hypervisor?

Reply
0 Kudos
nachogonzalez
Commander
Commander
‎10-02-2020 12:21 PM

Basically in a traditional network there are 2 firewalls
One as a border/perimeter firewall
Other in each of your VMs Guest OS (Windows Firewall, IPtables, etc)


In case you need to filter or allow traffic within the same subnet what you need to do is open ports on the Guest OS firewall.

Please let me know if I can assist

Blog Nachogonzalez.com.ar Twitter @nachogon_
Reply
scott28tt
VMware Employee
VMware Employee
‎10-02-2020 02:21 PM

If you’re not using NSX then you are looking to configure the guest OS firewall the same as you would if the OS were running on a physical system - this would therefore have nothing to do with vSphere.

In such a case, the only way that any VMware software could help you is to invoke a script (of your own creation) via PowerCLI and VMware Tools which runs in the guest OS to set the guest OSes own firewall.


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
Reply