Starting with ESXi 7.0 Update 3q and ESXi 8.0 Update 2b, when configuring a remote syslog server, with non-standard ports, the vmsyslogd service automatically creates persistent dynamic firewall rules. There is no longer a need to manually open the firewall at ports that are different from the default 514 for TCP/UDP and 1514 for SSL protocols respectively. When configuring remote hosts with the standard ports, you still need to enable the syslog firewall ruleset.

ESXi 7.x

ESXi 8.x

Starting in ESXi 7.0 GA custom ESXi firewall rules are no longer supported without the use of a VIB. 

To configure a custom port for syslog in ESXi 7.0 U3q or later, or ESXi 8.0 U2b or later:

1. Navigate to the ESXi host in vCenter
2. Click "Configure"
3. Navigate to "Advanced System settings" under "System"
4. Click on "Edit"
5. Click on the filter icon next to "Key" and enter "Syslog.global.loghost"
6. Enter the syslog server information along with the port to be used and Click OK. See Configuring syslog on ESXi
7. Ensure to include the protocol and port
   • Example: tcp://hostname:port-number or udp://hostname:port-number

VMware ESXi 7.0 Update 3q Release Notes

VMware ESXi 8.0 Update 2b Release Notes