
Dynamic ESXi firewall ruleset for non-standard syslog ports in vSphere 8.0 Update 2b

03.21.2024 by William Lam // 5 Comments

Most users who configure syslog for their ESXi hosts (hopefully everyone does, for audit, compliance and troubleshooting purposes) stick with the default syslog ports: 514 for UDP or TCP, or 1514 for TLS.

A big benefit of using the default ports is that the ESXi firewall already ships with a ruleset that allows outbound access on them, so nothing extra needs to be opened.


If you need to use a non-standard syslog port for ESXi, the solution until now was not ideal. You can open a custom port with the ESXi firewall, but the problem is persisting that customization across reboots, which requires either a custom VIB or editing the local.sh startup script.

A nice enhancement included with the recent release of vSphere 8.0 Update 2b is support for a dynamic ESXi firewall ruleset that is created automatically when a non-standard syslog port is configured.

As the example below shows, when I configure my ESXi host to use a syslog server on the custom port 12345, ESXi automatically creates a dynamic firewall ruleset that opens that port for outbound connectivity (outbound only, like the built-in syslog ruleset). If you change the port or remove the syslog configuration, the dynamic ruleset is updated or removed accordingly.
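The following script is an added example and is not code from the original post. It applies a custom syslog target with esxcli and then checks, before and after the reload, whether any outbound firewall rule covers that protocol and port, which is the observable effect of the dynamic ruleset. The syslog host and port are hypothetical; the port defaults (514 for udp/tcp, 1514 for ssl) follow the post, and treating a bare hostname as udp is an assumption. The parser works on the plain-text table printed by `esxcli network firewall ruleset rule list` (columns Ruleset, Direction, Protocol, Port Type, Port Begin, Port End). The constructed sample tables at the end use `dynamic_example` as a placeholder for the dynamic ruleset's name; the real name is whatever a patched host prints, and the check keys on direction, protocol and port rather than on the name.

```shell
#!/bin/sh
# Added example, not from the original post. Configure a custom syslog target
# on ESXi and verify that an outbound firewall rule for that port appears.
# Hostname/port are hypothetical. Runs in ESXi's busybox sh or any POSIX sh.

# Turn a Syslog.global.logHost entry into "PROTO PORT" as the firewall sees
# it (ssl:// is TLS over TCP). Defaults follow the post: 514 for udp/tcp,
# 1514 for ssl. A bare hostname is treated as udp (assumption).
loghost_proto_port() {
  uri=$1
  scheme=${uri%%://*}
  if [ "$scheme" = "$uri" ]; then scheme=udp; fi   # no scheme given
  rest=${uri#*://}
  port=${rest##*:}
  case "$rest" in
    *\]) port="" ;;                                  # [ipv6] with no port
    *)   if [ "$port" = "$rest" ]; then port=""; fi ;;   # host with no port
  esac
  case "$scheme" in
    udp) proto=UDP; port=${port:-514} ;;
    tcp) proto=TCP; port=${port:-514} ;;
    ssl) proto=TCP; port=${port:-1514} ;;
    *)   echo "unsupported scheme: $scheme" >&2; return 1 ;;
  esac
  echo "$proto $port"
}

# Read the rule table on stdin; print every ruleset that allows outbound
# PROTO traffic to PORT and succeed, or fail if none does.
# usage: ... | rule_covers_port PORT PROTO
rule_covers_port() {
  awk -v p="$1" -v pr="$2" '
    $2 == "Outbound" && $3 == pr && $5+0 <= p+0 && p+0 <= $6+0 { print $1; found = 1 }
    END { if (found) exit 0; exit 1 }'
}

# Live check on an ESXi host: prints "present <ruleset>" or "missing".
rule_state() {   # usage: rule_state PORT PROTO
  names=$(esxcli network firewall ruleset rule list | rule_covers_port "$1" "$2") \
    && echo "present $names" || echo "missing"
}

# Apply a new loghost and show the firewall state before and after reload.
main() {
  loghost=$1
  pp=$(loghost_proto_port "$loghost") || exit 1
  proto=${pp%% *}; port=${pp##* }
  echo "before: $proto/$port -> $(rule_state "$port" "$proto")"
  esxcli system syslog config set --loghost="$loghost"
  esxcli system syslog reload
  echo "after:  $proto/$port -> $(rule_state "$port" "$proto")"
}

# Constructed sample tables for running the parser offline (not real esxcli
# output). dynamic_example is a placeholder, not the real ruleset name.
SAMPLE_BEFORE='Ruleset   Direction  Protocol  Port Type  Port Begin  Port End
--------  ---------  --------  ---------  ----------  --------
syslog    Outbound   UDP       Dst        514         514
syslog    Outbound   TCP       Dst        514         514
syslog    Outbound   TCP       Dst        1514        1514'
SAMPLE_AFTER="$SAMPLE_BEFORE
dynamic_example  Outbound  TCP  Dst  12345  12345"

# Run live only when given a loghost, e.g.:
#   sh dynamic-syslog-rule.sh tcp://syslog.example.com:12345
if [ $# -gt 0 ]; then main "$@"; fi
```

Run it once with the new loghost and compare the two lines: on a host with the dynamic ruleset support the "after" line names the ruleset that now covers the port, on an older host it still reads "missing". Re-running `rule_state` after changing the port back, or after a reboot, is the quickest way to confirm the update/removal behaviour and the persistence discussed in the comments.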


Categories // ESXi, vSphere 8.0 Tags // ESXi 8.0 Update 2b, firewall, syslog

Comments

  1. CLaudio says

    04/05/2024 at 2:52 am

    Hello William.
    Will using that feature make the rule permanent, even after a reboot of the host?

    Reply
    • William Lam says

      04/05/2024 at 4:59 am

      Correct

      Reply
  2. Arun says

    04/10/2024 at 8:15 am

    Hi William,

    We are trying to use a custom syslog port on a host running ESXi 7.0u3p Build 23307199 using the mentioned command but the dynamic rule is not getting created. Anything additional that needs to be done or checked?

    Reply
    • William Lam says

      04/16/2024 at 8:34 am

      It was mentioned internally that this was also supported with 7.0u3p, but I just tried it myself and am seeing the same behavior. Looks like this might only be possible with 8.0U2b and later.

      Reply
      • Dave says

        08/14/2024 at 10:58 pm

        Noticing the issue on 7.0u3p too, but the dynamic rule set works for 7.0u3q

        Reply

