After you deploy vCenter Server, you can edit its firewall settings and create firewall rules using the Management Interface.
You can set up firewall rules to accept or block traffic between vCenter Server and specific servers, hosts, or virtual machines. You cannot block specific ports; a rule blocks all the traffic.
Prerequisites
Verify that the user who logs in to the vCenter Server instance is a member of the SystemConfiguration.Administrators group in vCenter Single Sign-On.
Procedure
- In the vCenter Server Management Interface, click Firewall.
- Edit the firewall settings, using one of the following commands.
  - Add
    - To create a firewall rule, click Add.
    - Select a network interface of the virtual machine.
    - Enter the IP address of the network to apply this rule to.
      The IP address can be an IPv4 or IPv6 address.
    - Enter a subnet prefix length.
    - From the Action drop-down menu, select whether to Accept, Ignore, Reject, or Return the connection between vCenter Server and the network that you entered.
    - Click Save.
  - Edit
    - Select a rule and click Edit.
    - Edit the settings of the rule.
    - Click Save.
  - Delete
    - Select a rule and click Delete.
    - At the prompt, click Delete again.
  - Reorder
    - Select a rule and click Reorder.
    - In the Reorder pane, select the rule to move.
    - Click Move Up or Move Down.
    - Click Save.
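The following pre-check is an added example, not VMware code: it validates a planned rule list (address, prefix length, action) before you enter it in the Management Interface, and flags rules that an earlier, broader rule makes unreachable. It assumes rules are evaluated top to bottom with the first match deciding; the interface name `nic0` and all addresses are constructed sample values.

```python
import ipaddress

ACTIONS = {"ACCEPT", "IGNORE", "REJECT", "RETURN"}  # the four Action menu choices

# Constructed sample plan, top to bottom as it would stand after Reorder.
# Interface name and addresses are made up for illustration.
PLAN = [
    {"interface": "nic0", "address": "10.20.0.0", "prefix": 24, "action": "ACCEPT"},
    {"interface": "nic0", "address": "10.20.0.57", "prefix": 32, "action": "REJECT"},
    {"interface": "nic0", "address": "2001:db8:10::", "prefix": 64, "action": "ACCEPT"},
    {"interface": "nic0", "address": "0.0.0.0", "prefix": 0, "action": "IGNORE"},
]

def parse(rule):
    """Validate one planned rule and return its network (IPv4 or IPv6)."""
    if rule["action"] not in ACTIONS:
        raise ValueError(f"unknown action {rule['action']!r}")
    # strict=True raises ValueError when the address has bits set past the prefix
    return ipaddress.ip_network(f"{rule['address']}/{rule['prefix']}", strict=True)

def shadowed(plan):
    """Return (later, earlier) index pairs where an earlier rule on the same
    interface covers the later rule's whole network. Assumption: first match
    wins, so the later rule would never decide a connection."""
    nets = [parse(r) for r in plan]
    pairs = []
    for j, later in enumerate(nets):
        for i, earlier in enumerate(nets[:j]):
            same_scope = (plan[i]["interface"] == plan[j]["interface"]
                          and earlier.version == later.version)
            if same_scope and later.subnet_of(earlier):
                pairs.append((j, i))
                break
    return pairs

def decision(plan, interface, client):
    """Action of the first rule matching client, or None if no rule matches."""
    addr = ipaddress.ip_address(client)
    for rule in plan:
        if rule["interface"] == interface and addr in parse(rule):
            return rule["action"]
    return None

if __name__ == "__main__":
    for later, earlier in shadowed(PLAN):
        print(f"rule {later + 1} is never reached: covered by rule {earlier + 1}")
    print("10.20.0.57 ->", decision(PLAN, "nic0", "10.20.0.57"))
```

In the sample plan the Reject rule for 10.20.0.57 sits below the broader Accept rule, so it would need to be moved up with Reorder to take effect under the stated assumption.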