VMware ESXi firewall commands


Although this option lets you add rules relatively easily, the rules often have no effect if you do not know the default policy in ESXi, so let's look at some useful commands to avoid adding rules that are not effective.

 

LISTING CURRENT RULES
~ # esxcli network firewall ruleset allowedip list

GETTING THE FIREWALL STATUS
~ # esxcli network firewall get
Default Action: PASS
Enabled: false
Loaded: false

SETTING THE DEFAULT POLICY TO DROP
~ # esxcli network firewall set --default-action false

ENABLE / DISABLE FIREWALL (true / false)
~ # esxcli network firewall set -e true

RELOAD OR REFRESH FIREWALL RULES
~ # esxcli network firewall refresh

~ # esxcli network firewall get
Default Action: DROP
Enabled: true
Loaded: true

NOW BRINGING DOWN THE FIREWALL
~ # esxcli network firewall unload
~ # esxcli network firewall get
Default Action: PASS
Enabled: false
Loaded: false

BRINGING UP THE FIREWALL
~ # esxcli network firewall load
~ # esxcli network firewall get
Default Action: DROP
Enabled: true
Loaded: true

MORE AGGRESSIVE (BE CAREFUL NOT TO LOSE YOUR SSH CONSOLE): AUTHORIZING ONLY ONE IP

~ # esxcli network firewall ruleset set -a false -r sshServer; esxcli network firewall ruleset allowedip add -r sshServer -i 192.168.0.254
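A check to run before and after the commands above, as an added example (not part of the original post): it reads the output of esxcli network firewall get and reports whether the firewall is actually filtering. The function name fw_verdict and its verdict words are assumptions of this example, and it assumes awk is available in the shell.

```sh
#!/bin/sh
# Added example: classify `esxcli network firewall get` output (read on stdin).
# Prints one word and returns 0 only when the firewall is really filtering:
#   enforcing  - enabled, loaded, default action DROP
#   permissive - enabled and loaded, but default action PASS
#   inactive   - disabled or unloaded
#   unknown    - an expected field is missing
fw_verdict() {
    awk -F': *' '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }   # tolerate indentation
        $1 == "Default Action" { action  = $2 }
        $1 == "Enabled"        { enabled = $2 }
        $1 == "Loaded"         { loaded  = $2 }
        END {
            if (action == "" || enabled == "" || loaded == "") { print "unknown"; exit 2 }
            if (enabled != "true" || loaded != "true") { print "inactive"; exit 1 }
            if (action != "DROP") { print "permissive"; exit 1 }
            print "enforcing"
        }'
}

# Sample inputs: the first two are the outputs shown on this page,
# the third is constructed (indented, enabled but default action PASS).
SAMPLE_DOWN='Default Action: PASS
Enabled: false
Loaded: false'
SAMPLE_UP='Default Action: DROP
Enabled: true
Loaded: true'
SAMPLE_PASS='   Default Action: PASS
   Enabled: true
   Loaded: true'

# Live use on the host; skipped on machines without esxcli.
if command -v esxcli >/dev/null 2>&1; then
    esxcli network firewall get | fw_verdict ||
        echo "firewall is not enforcing a default DROP policy" >&2
fi
```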

Anderson Alfaro
I am passionate for knowledge of Cloud technologies and reading the Bible as both make sense to me, but this last one keeps me on the ground and not in the cloud. Prov 16:18
VCP - MCSA - MCTS - RHCSA - RHCE - RHCVA
