Firewall Configuration
ESXi ships with a software firewall that is configured by default to block outgoing connection requests. When an indication is triggered, the producer cannot open a connection to the consumer unless the target port is opened in the firewall.
When you create an indication subscription, the CIMOM opens the corresponding port in the firewall for you. To check the firewall configuration, use these commands:
- esxcli network firewall get tells you whether the firewall is enabled.
- esxcli network firewall ruleset list tells you which specific services are enabled.
To disable or enable the firewall, use these commands:
- esxcli network firewall set -e false disables the firewall.
- esxcli network firewall set -e true enables the firewall.
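The check below is an added example, not part of the original VMware documentation. It parses the output of the two status commands to confirm that the firewall was not left disabled after troubleshooting indication delivery, and lists the rulesets that are currently enabled. The sample output is constructed, and its layout (an "Enabled: true" line and a two-column Name/Enabled table) is an assumption about what these commands print.

```shell
#!/bin/sh
# Constructed sample output; the layout is an assumption about what
# `esxcli network firewall get` and `... ruleset list` print.
SAMPLE_GET='   Default Action: DROP
   Enabled: true
   Loaded: true'
SAMPLE_RULESETS='Name             Enabled
---------------  -------
sshServer           true
sshClient          false
CIMHttpsServer      true
CIMSLP             false'

# Read `esxcli network firewall get` output on stdin and print the value
# of the "Enabled" field, or "unknown" if the field is missing.
firewall_enabled() {
    awk -F': *' '$1 ~ /^[ \t]*Enabled$/ {
                     gsub(/[ \t\r]+$/, "", $2); print $2; found = 1
                 }
                 END { if (!found) print "unknown" }'
}

# Read `esxcli network firewall ruleset list` output on stdin and print the
# names of rulesets whose Enabled column is "true". The header and the
# dashed separator never match because their second field is not "true".
enabled_rulesets() {
    awk 'NF == 2 && $2 == "true" { print $1 }'
}

# $1 = output of the get command, $2 = output of the ruleset list command.
# Returns 1 if the firewall is not enabled, otherwise lists enabled rulesets.
audit_firewall() {
    state=$(printf '%s\n' "$1" | firewall_enabled)
    if [ "$state" != "true" ]; then
        echo "FAIL: firewall state is '$state'; re-enable with: esxcli network firewall set -e true"
        return 1
    fi
    echo "OK: firewall enabled; enabled rulesets:"
    printf '%s\n' "$2" | enabled_rulesets | sed 's/^/  /'
}

# Run against the constructed sample. On a host, pass the live output:
#   audit_firewall "$(esxcli network firewall get)" \
#                  "$(esxcli network firewall ruleset list)"
audit_firewall "$SAMPLE_GET" "$SAMPLE_RULESETS"
```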
It is also possible to create rulesets to open or close firewall ports manually. For information about manual firewall configuration for ESXi, see the vSphere Security Guide. For information about the esxcli command set, see the manual Getting Started with vSphere Command-Line Interfaces.