You can configure the ESXi firewall at the command line with the ESXi Shell or ESXCLI commands, which lets you automate the firewall configuration.
NOTE: You can only manage predefined ports. To create custom firewall ports, you need to create an XML file.
Command | Description |
---|---|
esxcli network firewall get | Return the enabled or disabled status of the firewall and list the default actions. |
esxcli network firewall set --default-action | Set to true to set the default action to pass. Set to false to set the default action to drop. |
esxcli network firewall set --enabled | Enable or disable the ESXi firewall. |
esxcli network firewall load | Load the firewall module and rule set configuration files. |
esxcli network firewall refresh | Refresh the firewall configuration by reading the rule set files if the firewall module is loaded. |
esxcli network firewall unload | Destroy filters and unload the firewall module. |
esxcli network firewall ruleset list | List rule set information. |
esxcli network firewall ruleset set --allowed-all | Set to true to allow all access to all IPs. Set to false to use a list of allowed IP addresses. |
esxcli network firewall ruleset set --enabled --ruleset-id=<string> | Set enabled to true to enable the specified ruleset. Set enabled to false to disable the specified ruleset. |
esxcli network firewall ruleset allowedip list | List the allowed IP addresses of the specified rule set. |
esxcli network firewall ruleset allowedip add | Allow access to the rule set from the specified IP address or range of IP addresses. |
esxcli network firewall ruleset allowedip remove | Remove access to the rule set from the specified IP address or range of IP addresses. |
esxcli network firewall ruleset rule list | List the rules of each ruleset in the firewall. |