The ESXi firewall acts as a firewall between the management interface (VMkernel) and the external network. The ESXi firewall is enabled by default. The ESXi firewall will block incoming and outgoing traffic except the traffic for the default services. Internet Control Message Protocol (ICMP), Domain Name System (DNS), and Dynamic Host Configuration Protocol (DHCP) communications are allowed in the ESXi firewall by default.
A Firewall Configuration file called
Service.xml is stored at
/etc/vmware/firewall/. This file contains the firewall rules and its relationship with ports and protocols. The supported services and agents that are required to operate the ESXi host are described in the rule-set configuration file. ...