Lane Leverett pointed me out to the fact that it’s possible to add a firewall service instead of opening up a huge range or multiple ranges for one service by hand. This way a junior system engineer can easily open up a port range via VirtualCenter instead of the console. I tried this in our testlab with ESX 3.5 and VirtualCenter 2.5 and it works like a charm.
[Read more…] about Howto: Adding a firewall service on ESX
firewall
Port range and esxcfg-firewall
An often made mistake when trying to open up or close a port range with the ESX(3.0.2 and 3.5) firewall is using the dash(-) as a divider. Using the dash unfortunately does not always result in an error. To open up or close a port range you should use a collon(:) as a divider:
esxcfg-firewall –openport 6000:6010,tcp,in,test