By default, the firewall for each service allows access to all IP addresses. To restrict traffic, configure each service to allow traffic only from your management subnet. You can also deselect some services if your environment does not use them.

Procedure

  1. Click Networking in the VMware Host Client inventory and click Firewall rules.
  2. Click a service from the list and click Edit settings.
  3. In the Allowed IP Addresses section, click Only allow connections from the following networks and enter the IP addresses of networks that you want to connect to the host.
    Separate IP addresses with commas. You can use the following address formats:
    • 192.168.0.0/24
    • 192.168.1.2, 2001::1/64
    • fd3e:29a6:0a81:e478::/64
  4. Click OK.