Configure ESXi firewall

The ESXi management interface is protected by a firewall that sits between the management interface and the network. The firewall is enabled by default and blocks all ports, except ports needed for the management services, such as SSH, DNS, DHCP, NFS, vMotion, etc.

You can manage the ESXi firewall using vSphere Web Client. Here is how you can do this:

Select your ESXi host from the inventory and go to Manage > Settings > Security Profile and click the Edit button for the firewall:

To enable a particular type of traffic through the ESXi firewall, select the check box next to that traffic type. You can also disable a type of traffic by deselecting the check box for that traffic type. You can also specify the particular source addresses from which traffic should be allowed:

Security Profile services
Lockdown mode explained

VMware ESXi course

vSphere overview
VMware vSphere components
Why use virtualization?
Resource sharing explained
What is CPU virtualization?
Physical and virtualized host memory
Physical and virtual networking
VMware vSphere VMFS
Getting started
What is VMware ESXi?
ESXi installation
Basic ESXi configuration
GUI in vSphere
vSphere Client installation
vSphere Web Client installation
VMware Client Integration Plug-in installation
What is vCenter Server?
Communication between vCenter Server and ESXi
What is vCenter Server Appliance?
vCenter Server Appliance installation
vCenter Server Appliance configuration
Install vCenter Server (Simple Install)
vCenter SSO and vCenter Inventory
What is vCenter Single Sign-On (SSO)?
SSO identity sources
Deployment modes in vCenter SSO
vCenter SSO installation
Configure vCenter SSO policies
vCenter Server and Active Directory
vCenter Server inventory explained
vCenter Inventory Service installation
Add ESXi host to vCenter Server Inventory
vCenter Server installation (Custom Install method)
Virtual machines
Virtual machine definition
Virtual machine files in ESXi
Virtual machine hardware
Types of virtual disks
Types of virtual network adapters
Virtual machine console in vCenter Server
Create virtual machines
Install a guest operating system
VMware Tools explained
VMware Tools Windows installation
VMware Tools Linux installation
Virtual networks
Virtual switch explained
Standard switch explained
Create standard switches
Configure VLANs
Configure speed and duplex
Switch network security policies
Switch traffic shaping policies
Switch load balancing policies
Network failover detection
How to handle network failures
Distributed switches explained
Storage
Storage technologies for ESXi
Storage protocols for ESXi
What is a datastore?
Virtual Machine File System (VMFS)
Raw Device Mapping (RDM)
iSCSI
iSCSI SAN components
iSCSI naming and addressing
iSCSI initiators
Network configuration for iSCSI
iSCSI target discovery
VMkernel port for iSCSI software initiator
Configure iSCSI software initiator
iSCSI CHAP overview
Configure iSCSI CHAP
NFS
NFS (Network File System) overview
NFS components
Access controls in NFS
Configure NFS datastore
Fibre Channel
Fibre Channel overview
FC components
FCoE adapters explained
Datastores
Create VMFS datastore
Browse VMFS datastores
Increase size of VMFS datastore
Expand VMFS datastore
Remove VMFS datastore
Unmount VMFS datastore
Delete VMFS datastore
VMware Virtual SAN overview
Requirements for Virtual SAN
Datastore in Virtual SAN
Configure Virtual SAN
Templates
What is a virtual machine template?
Create virtual machine template
Update virtual machine template
Customize guest OS
Deploy VM from template
Clone virtual machine
Edit VM settings
Edit virtual machine settings
Add virtual hardware to VM
Remove virtual hardware from VM
Add raw LUN
Dynamically increase virtual disk's size
Inflate thin disk
Edit VM options
VMware Tools options
VM boot options
VM migration
What is VM migration?
VM migration types
vSphere vMotion explained
vSphere vMotion process
vMotion requirements
CPU compatibility for vMotion
Hide or expose NX/XD bit
VMware CPU identification utility
Create virtual switch and VMkernel port group for vMotion
Use vSphere vMotion
vSphere Storage vMotion explained
Use vSphere Storage vMotion
Enhanced vMotion explained
VM snapshots
Virtual machine snapshot
VM snapshot files
Take snapshots
Revert snapshot
Delete snapshot
Consolidate snapshots
Remove virtual machine
vApps
vApps explained
Create vApp
vApp settings
Security
Security Profile services
Configure ESXi firewall
Lockdown mode explained
Integrate ESXi host with Active Directory
Access control system
Users and groups
Roles explained
Create custom role
Objects explained
Assign permissions
Manage resources
Memory virtualization explained
Memory overcommitment explained
Memory management technologies
Virtual SMP (vSMP) explained
Enable hyperthreading
Resource management overview
Shares explained
Resource pools explained
Resource pool attributes
How resource pools work?
Expandable reservation parameter
Create resource pool
Reporting
Performance charts in vCenter Server
Monitor CPU utilization
Monitor active memory utilization
Monitor disk usage
Monitor network performance
Real-time and historical statistics
Log levels in vCenter Server
Alarms
Alarms in vSphere
Alarm trigger types
Actions explained
Notifications explained
Create alarms
Acknowledge alarm
What is vCenter Operations Manager?
High Availability
vSphere High Availability explained
Protect agains ESXi host failures
Create clusters
Enable vSphere HA
Host Monitoring option
Admission Control explained
Admission Control policy
VM Monitoring explained
Datastore Heartbeating explained
Advanced Options in vSphere HA
VM overrides
Network maintenance and vSphere HA
Redundant heartbeat networks
Monitor vSphere HA cluster
Fault Tolerance
vSphere Fault Tolerance (FT) explained
vSphere FT requirements
VMware vLockstep
Enable vSphere FT
vSphere Replication explained
Scalability
vSphere Distributed Resource Scheduler (DRS) explained
vSphere Distributed Resource Scheduler (DRS) requirements
Set DRS automation level
Enhanced vMotion Compatibility (EVC) explained
Enhanced vMotion Compatibility (EVC) requirements
DRS affinity rules
Preferential DRS rules
Required DRS rules
Enable DRS
Create DRS affinity rule
Create DRS anti-affinity rule
Create VM to host rule
Maintenance mode explained