How to add a custom firewall rule to ESXi
The vCenter or ESXi web GUI only allows turning predefined ports on and off. What to do if we need to add a custom port? For example, connecting to an iSCSI device using port 3261.
Create an XML file /etc/vmware/firewall/custom_iscsi.xml
<!-- Firewall configuration information for custom iSCSI port -->
<ConfigRoot>
  <service>
    <id>custom_iscsi</id>
    <rule id='0000'>
      <direction>outbound</direction>
      <protocol>tcp</protocol>
      <porttype>dst</porttype>
      <port>3261</port>
    </rule>
    <enabled>true</enabled>
    <required>false</required>
  </service>
</ConfigRoot>
Reload the firewall rule
esxcli network firewall refresh
Check if the rule has been added
esxcli network firewall ruleset list
The rule should be visible from both the command line and the web GUI.