Starting with ESXi 7.0 Update 3q and ESXi 8.0 Update 2b, when configuring a remote syslog server, with non-standard ports, the vmsyslogd service automatically creates persistent dynamic firewall rules. There is no longer a need to manually open the firewall at ports that are different from the default 514 for TCP/UDP and 1514 for SSL protocols respectively. When configuring remote hosts with the standard ports, you still need to enable the syslog firewall ruleset.
ESXi 7.x
ESXi 8.x
Starting in ESXi 7.0 GA custom ESXi firewall rules are no longer supported without the use of a VIB.
To configure a custom port for syslog in ESXi 7.0 U3q or later, or ESXi 8.0 U2b or later:
tcp://hostname:port-number or udp://hostname:port-number
Creating custom firewall rules in ESXi is not supported. Please refer to Creating custom firewall rules in VMware ESXi