Configuration details | - From a test host, run the SSH command:
  ssh root@<ESXi-IP>
  If this does not work, ensure that the SSH service is enabled under Manage > Services.
- On the ESXi vSphere client, go to Networking > Firewall rules.
- Search for "ssh" and click SSH Server.
- Click Edit settings.
- Select Only allow connections from the following networks.
- Enter a subnet that is not the test host subnet and click OK.
|
Verification steps | - On the test host, repeat the SSH command.
- Confirm that it fails.
- Set the SSH Server firewall setting back to All connections from all IP addresses.
- Attempt the SSH command again.
- Confirm a successful connection.
|
Helpful tips | - Take extra care to not lock out legitimate subnets, especially for essential services.
- Utilize this feature as an extra layer of defense.
- This is a predefined set of rules that can be enabled and configured for certain IP addresses.
|
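A pre-flight check for the lockout risk noted in the tips, added here as an example and not part of the original page: before entering networks under Only allow connections from the following networks, confirm which source addresses the list would admit. The host names, addresses, function names and the comma-separated input format are assumptions made for illustration.

```python
import ipaddress


def parse_allowed(entry):
    """Parse a comma-separated list of IPs or CIDR networks (assumed input format)."""
    nets = []
    for item in entry.split(","):
        item = item.strip()
        if not item:
            continue
        # strict=False tolerates host bits, e.g. 10.0.5.17/24 becomes 10.0.5.0/24.
        nets.append(ipaddress.ip_network(item, strict=False))
    return nets


def is_allowed(source, allowed_nets, allow_all=False):
    """Return True if the source address would pass the SSH Server rule."""
    if allow_all:  # the "all IP addresses" setting admits every source
        return True
    addr = ipaddress.ip_address(source)
    # Compare only within the same IP version (IPv4 vs IPv6).
    return any(addr.version == net.version and addr in net for net in allowed_nets)


def lockout_report(sources, entry, allow_all=False):
    """Map each named source to True (admitted) or False (would be blocked)."""
    nets = parse_allowed(entry)
    return {name: is_allowed(ip, nets, allow_all) for name, ip in sources.items()}


# Constructed sample data: the test host sits outside the allowed networks,
# matching the configuration step that picks a subnet the test host is not in.
SOURCES = {
    "test-host": "192.168.10.25",
    "admin-jump": "10.0.5.17",
    "backup-server": "10.0.6.40",
}
RESTRICTED = "10.0.5.0/24, 10.0.6.40"

if __name__ == "__main__":
    for name, ok in lockout_report(SOURCES, RESTRICTED).items():
        print(f"{name:14} {'allowed' if ok else 'BLOCKED'}")
```

Any legitimate management source reported as BLOCKED should be added to the list before the rule is saved.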