ESXi firewall rules do not stay persistent after reboot in ESXi version 7.0 U2 and 7.0 U2a
search cancel

ESXi firewall rules do not stay persistent after reboot in ESXi version 7.0 U2 and 7.0 U2a

book

Article ID: 317437

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • The firewall rule get disabled after reboot if any modification is performed
  • The firewall get disabled after reboot in case it was enabled.
  • Few firewall rules get enabled after reboot even though it was disabled manually via host web client or VCenter or CLI


Environment

VMware vSphere ESXi 7.0.2

Resolution


The fix is ESXI 7.0 U3

Workaround:

  • In case the rule is already enabled:
  1. First Modify like uncheck the Allow All and then add the IP range you want and then disable the rule.
  2. Enable the rule again.
  3. Now the rule will not disable even after reboot.
  • In case the rule is not enabled:
  1. First Modify like allow the IP range you want and also enable the rule.
  2. Disable the rule now.
  3. Enable the rule again.
  4. Now the rule will not disable even after reboot.
  • In case you are modifying the rule again:
  1. First Modify like edit the IP range you want or want to allow All and then disable the rule.
  2. Enable the rule again.
  3. Now the rule will not disable even after reboot.

Note: A few firewall rules getting enabled after reboot is expected, as there are few daemon/services which run and enable those rules when the system is booted.

Additional Information

Impact/Risks:
The rules configuration might not remain persistent after reboot.

Powered by Wolken Software