VMware

Optimize Your vSphere Security with Dynamic ESXi Firewall Rules for Non-Standard Syslog Ports in vSphere 8.0 Update 2b and 7.0 Update 3p

Leave a comment

Using Non-Standard Syslog Ports in ESXi: A Game Changer

As a seasoned IT professional, you may be familiar with the default syslog ports used by ESXi hosts for audit, compliance, and troubleshooting purposes. However, if you need to use a non-standard syslog port, the current solution has been less than ideal. But fear not, as vSphere 8.0 Update 2b and vSphere 7.0 Update 3p have brought a welcome enhancement to the table.

In the past, configuring a non-standard syslog port required either creating a custom VIB or modifying the local.sh startup script, which could be time-consuming and less than ideal for maintenance purposes. However, with the latest releases of vSphere, you can now enjoy the benefit of a dynamic ESXi ruleset when using non-standard syslog ports.

Here’s an example of how to configure a custom syslog port 12345 on your ESXi host:

Configure the syslog server with port 12345:

“`markdown

EsxiHost.config.syslog.server = “udp://192.168.1.100:12345”

“`

As you can see, the ESXi firewall will automatically create a dynamic ruleset that opens up the specified port for outbound connectivity. This feature is especially useful if you need to use a non-standard syslog port for any reason.

The best part? The dynamic ruleset will persist even after a reboot of the host, so you don’t have to worry about reconfiguring the firewall every time the host restarts.

Categories // ESXi, vSphere 7.0, vSphere 8.0 Tags // ESXi 7.0 Update 3p, ESXi 8.0 Update 2b, firewall, syslog

In the comments section, CLaudio asks if the rule will be permanent even after a reboot of the host, and I confirm that it will indeed be persistent. Arun also comments, asking for help with creating the dynamic rule on an ESXi 7.0u3p host, which I answer with more information on how to troubleshoot any issues that may arise.

Overall, this new feature in vSphere is a game changer for anyone using non-standard syslog ports on their ESXi hosts. No longer do you have to worry about the hassle of customizing the firewall ruleset or relying on a custom VIB. With the dynamic ESXi ruleset, you can easily configure your syslog server with any port you choose, and the firewall will take care of the rest.

Leave a Reply