Unable to change 'Allow connections from any IP address' for the 'NFS Client' firewall setting from vSphere Client.

search cancel

Unable to change 'Allow connections from any IP address' for the 'NFS Client' firewall setting from vSphere Client.

book

Article ID: 412085

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

To change 'Allow connections from any IP address' for the 'NFS Client' firewall setting failed.
The below error occurs.
Invalid operation requested: Can not change allowed ip list this ruleset, it is owned by system service.

Environment

VMware vCenter Server 8.x

Cause

This an expected behavior. The "NFS Client" firewall ruleset is owned by system service.

Resolution

It can confirm that 'Allowed IP configurable' for the nfsClient ruleset is set to false using the below command.

# esxcli network firewall ruleset list
Name Enabled Enable/Disable configurable Allowed IP configurable
--------------------------- ------- --------------------------- -----------------------
nfsClient true false false

Additional Information

Firewall Configurations for NFS Storage ESXi
Cannot add allowed IP addresses for "NFS Client" in ESXi host 8.0 U2b or later
NFS server's IP is removed automatically from firewall allowed list after esxi host rebooting on 8.0U2 or above due to bug

Feedback

thumb_up Yes

thumb_down No