This document describes how to recover firewall settings when you cannot access the ESXi host via SSH or the Host Client due to an incorrect firewall settings in the web UI.

VMware ESXi

1. Access the ESXi host via the hardware console (DCUI).

2. Press [Alt + F1] and log in to the ESXi Shell as the root user.
     Note: If the ESXi Shell is disabled, refer to the section "Enabling ESXi Shell access using the Direct Console User Interface" in the documentation Using ESXi Shell in ESXi.

3. Run the following commands:

To allow vSphere Client access from all IP addresses::
esxcli network firewall ruleset set --allowed-all true --ruleset-id="vSphereClient"

To allow SSH access from all IP addresses:
esxcli network firewall ruleset set --allowed-all true --ruleset-id="sshServer"

• Using ESXi Shell in ESXi
• Using ESXCLI Firewall Commands to Configure ESXi Behavior