Home » VMware Manuals » Computer Software » VMware VS4-STD-C » Manual Viewer

VMware VS4-STD-C Evaluator Guide - Page 86

Creating Firewall Rules to Block SSH Access, you have to ﬁrst enable the SSH service as follows

Add to My Manuals
Save this manual to your list of manuals

Page 86 highlights

VMware vSphere 5.0 Evaluation Guide - Volume One Figure 116. This demonstrates that by shutting down the SSH service, you can completely deny remote access. Instead of blocking all access by stopping a service, you can selectively restrict remote access through the ESXi firewall. In the following section, you will enable the SSH service, and then use firewall settings to provide selective remote access. Creating Firewall Rules to Block SSH Access Before creating the firewall rules to block SSH access, you have to first enable the SSH service as follows: 1. Click the Services Properties link, as shown in Figure 112. 2. Select SSH service in the Service Properties panel, as shown in Figure 117. You can see that the SSH service is stopped. To enable the service, click Options. TECHNICAL WHITE PAPER / 86

Section	Page
About This Guide	5
Intended Audience	5
System Requirements	5
Hardware Requirements	5
Servers	5
Storage	5
Networking	5
Software and Licensing Requirements	6
VMware vSphere	6
Guest Operating Systems	6
Evaluation Guide Environment Setup	7
Server Configuration	8
Logical Network Setup	8
Storage Setup	10
Virtual Machine Setup	10
VMware vSphere 5.0 Evaluation Guide, Volume One – Worksheet	11
vSphere Evaluation Tasks	12
High Availability	12
Introduction	12
Prerequisites	12
Enabling HA	12
Connect to Virtual Server	13
Go to Cluster Summary	14
Edit Cluster Settings	15
Wait for Task to Complete	16
Verifying VMware HA Enablement	16
HA Status Screen	16
Virtual Machine Protection State	20
Host Protection State	21
VMware HA Advanced Options	22
Admission Control	24
Virtual Machine Options	25
Virtual Machine Monitoring	27
Storage Heartbeats	29
Validating VMware HA Operation	29
Host Failure	29
Host Isolation	34
Disabling VMware HA	43
Connect to a Virtual Server	43
Go to the Cluster Summary	44
Edit Cluster Settings	45
Wait for Task to Complete	46
Getting Familiar with the New Command-Line Interface	46
Introduction	46
The New esxcli Command	47
esxcli Command-Line Syntax	47
Remote esxcli Command Authentication	49
Enabling Access to the ESXi Shell	50
Enabling the ESXi Shell from the DCUI	50
Enabling the ESXi Shell from the vSphere Client	50
Enabling SSH Access to the ESXi Shell	51
Enabling SSH from the DCUI	51
Enabling the SSH from the vSphere Client	52
vSphere Client Notification When the ESXi Shell and SSH Are Enabled	53
Installing the vCLI	53
Installing the vCLI on Windows	53
Installing the vCLI on Linux	53
Installing the vCLI with the vMA	53
Sample esxcli Commands Run Locally from the ESXi Shell	54
Sample esxcli Commands Run Remotely from the vCLI	56
Formatting esxcli Output	58
The localcli Command	59
Bringing It All Together	60
vSphere PowerCLI by Example	62
Introduction	62
Prerequisites	62
Install vSphere PowerCLI	62
Getting Started with vSphere PowerCLI	69
Connecting to a vSphere Host or vCenter	69
Using vSphere PowerCLI	71
vSphere PowerCLI Summary	81
Evaluating the ESXi Firewall	81
Introduction	81
Evaluation Overview	81
Prerequisites	81
Stopping SSH Service to Prevent Access	81
Testing Access with SSH Service Stopped	85
Creating Firewall Rules to Block SSH Access	86
Testing SSH Firewall Rules	89
Image Builder	91
Introduction	91
Image Builder Prerequisites	92
Preparation Tasks	92
Install vSphere PowerCLI	92
Download the ESXi Offline Bundle	92
Extract the ESXi Offline Bundle	92
Start an Image Builder vSphere PowerCLI Session	92
Import the ESXi Offline Bundle	94
Display Software Depots	94
Display VIBs	95
Display Image Profiles	95
Create a New Image Profile	96
Create a New Image Profile by Manually Selecting Individual VIBs	96
Create a New Image Profile by Cloning an Existing Image Profile	98
Removing VIBs from an Image Profile	98
Compare Image Profiles	99
Export Image Profile	99
Export As an Offline Bundle	99
Export As a Bootable ISO Image	100
Product Documentation	100
Using Storage Performance Statistics	101
Introduction	101
Monitoring Performance Statistics of a Datastore	103
Help and Support During the Evaluation	105
VMware Contact Information	105

Match case Limit results 1 per page

TECHNICAL WHITE PAPER / 86

VMware vSphere 5.0 Evaluation Guide –

Volume One

Figure 116.

This demonstrates that by shutting down the SSH service, you can completely deny remote access. Instead of

blocking all access by stopping a service, you can selectively restrict remote access through the ESXi ﬁrewall.

In the following section, you will enable the SSH service, and then use ﬁrewall settings to provide selective

remote access.

Creating Firewall Rules to Block SSH Access

Before creating the ﬁrewall rules to block SSH access, you have to ﬁrst enable the SSH service as follows:

±²

Click³the³Services³Properties³link¶³as³shown³in³Figure³±±´²

´²

Select³SSH³service³in³the³Service³Properties³panel¶³as³shown³in³Figure³±±»²³You³can³see³that³the³SSH³service³

is³stopped²³To³enable³the³service¶³click³

Options´