ESXi host goes into 'Not Responding' State After Firewall Changes or Edits.


Article ID: 413711


Products

VMware vSphere ESXi

Issue/Introduction

Editing a firewall rule for a specific ESXi host from the vCenter GUI results in the ESXi host entering the 'Not Responding' state. This may also impact VMs, rendering them inaccessible.

In the hostd logs in the /var/log directory, viewed over an SSH session to the host, you will notice the message below:

-->    eventTypeId = "esx.audit.net.firewall.config.changed",
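To establish when the firewall configuration was changed, the event above can be tied back to the timestamp of the log record that contains it. The script below is an added example, not VMware's own tooling. It assumes each hostd record starts with an ISO-8601 timestamp followed by "-->" continuation lines; the sample log lines and the second event id in them are constructed.

```shell
#!/bin/sh
# Added example: list when hostd recorded a firewall configuration change.
# hostd writes multi-line records; continuation lines start with "-->".
# Assumption: the first line of each record begins with an ISO-8601 timestamp.

EVENT_ID='esx.audit.net.firewall.config.changed'

# Print the timestamp of every record that carries the event id.
firewall_change_times() {
    awk -v id="$EVENT_ID" '
        # A line that is not a continuation starts a new record.
        !/^-->/ { ts = $1; next }
        # Continuation line naming the event: report the record timestamp.
        index($0, "eventTypeId") && index($0, id) {
            print (ts == "" ? "unknown-time" : ts)
        }
    ' "$1"
}

# Constructed sample records, not real host output.
write_sample_log() {
    cat > "$1" <<'EOF'
2024-01-10T09:14:02.511Z info hostd[1000001] [sub=Vimsvc.ha-eventmgr] Event 101 : constructed sample
-->    eventTypeId = "esx.audit.net.firewall.config.changed",
-->    key = 101,
2024-01-10T09:15:40.007Z info hostd[1000001] [sub=Vimsvc.ha-eventmgr] Event 102 : constructed sample
-->    eventTypeId = "esx.audit.constructed.other",
2024-01-10T09:16:12.930Z info hostd[1000001] [sub=Vimsvc.ha-eventmgr] Event 103 : constructed sample
-->    key = 103,
-->    eventTypeId = "esx.audit.net.firewall.config.changed",
EOF
}

# With a path argument, scan that log; otherwise run on the sample.
if [ -n "${1:-}" ]; then
    firewall_change_times "$1"
else
    sample="${TMPDIR:-/tmp}/hostd-sample.$$"
    write_sample_log "$sample"
    firewall_change_times "$sample"
    rm -f "$sample"
fi
```

Run it against a copy of the host's hostd log and compare the reported times with the moment the host went 'Not Responding' in vCenter.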

 

The firewall settings are changed within 'Edit Security Profile' for the specific ESXi host.

Environment

ESXi 7.0U3 

vCenter 7.0U3

Cause

De-selecting any firewall rules disables the services, most of which are needed for the ESXi host to communicate with vCenter and to reach storage, which impacts the VMs that are hosted on it.

Resolution

Performing a reboot will re-push the default firewall rules needed for communication between the ESXi host and vCenter.