Configuration details | - From a test host, run a telnet command to port 22:
telnet <ESXi-IP> 22
- If the connection does not work, ensure that the SSH service is enabled under Manage > Services.
- On the ESXi vSphere client, go to Networking > Firewall rules.
- Search for "ssh" and click SSH Server.
- Click Edit settings.
- Select Only allow connections from the following networks.
- Enter a subnet that is not the test host subnet and click OK.
|
Verification steps | - On the test host, repeat the telnet command.
- Confirm that it fails.
- Set the SSH Server firewall setting back to All connections from all IP addresses.
- Attempt the telnet command again.
- Confirm a successful connection.
|
Helpful tips | - Take extra care not to lock out legitimate subnets, especially for essential services.
- Utilize this feature as an extra layer of defense.
- This is a predefined set of rules that can be enabled and configured for certain IP addresses.
|
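The verification steps and the lockout tip above can be scripted. The following is an added example, not part of the original page or of any VMware tooling: it checks which management hosts a proposed allowed-network list would lock out, and repeats the `telnet <ESXi-IP> 22` test as a TCP connect. The function names are hypothetical and the sample addresses are constructed from documentation ranges.

```python
import ipaddress
import socket


def locked_out(allowed_networks, must_keep_access):
    """Return the hosts in must_keep_access that no allowed network covers."""
    nets = [ipaddress.ip_network(n, strict=False) for n in allowed_networks]
    blocked = []
    for host in must_keep_access:
        addr = ipaddress.ip_address(host)
        # Membership is False when the address and network families differ.
        if not any(addr in net for net in nets):
            blocked.append(host)
    return blocked


def tcp_reachable(host, port=22, timeout=3.0):
    """Same check as `telnet <ESXi-IP> 22`: True if the TCP handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Covers both a refused connection and a silent drop (timeout).
        return False


def verify_rule(esxi_host, expect_reachable, port=22):
    """True when the observed result matches what the firewall rule should give."""
    return tcp_reachable(esxi_host, port) == expect_reachable


if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    proposed = ["192.0.2.0/24"]
    admins = ["192.0.2.10", "198.51.100.25"]
    print("would be locked out:", locked_out(proposed, admins))
```

Run `locked_out` before saving the rule, then call `verify_rule(<ESXi-IP>, False)` from the excluded test host and `verify_rule(<ESXi-IP>, True)` after the setting is restored.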