Enable outbound FTP ports on VMware ESX server.

August 26, 2009
The operating system on VMware ESX 3 is a stripped-down version of Linux. It has only the bare necessities for VMware to function. I wanted to configure a cron job to email the log file, but because sendmail is not installed, the mailto command did not work.

I decided to write a script to automatically upload the log file to an FTP server and then create a schedule on this FTP server to email the log. In order to get this script working I had to open up outbound traffic on the firewall of the VMware ESX server.

The first thing I did was to open the outbound ports for the FTP client. You must connect to the command line interface via SSH and log in as root. Then enter the commands below.

esxcfg-firewall --openPort 20,tcp,out,FTP
esxcfg-firewall --openPort 21,tcp,out,FTP
esxcfg-firewall --enableService ftpClient

I then proceeded to test the outbound FTP connection. The FTP authentication worked and I was connected to the remote server, but the ls, dir and put commands would not work. This is because these commands use dynamic ports.

I had no choice but to disable all firewall policies for outbound connections to get the FTP client fully functional. Here is the VMware ESX command that will disable all outbound firewall policies.

esxcfg-firewall --allowOutgoing

You will get the below warning message after the above command is executed.
2009-08-24 14:52:53 (31448) WARN : Setting firewall default /firewall/blockOutgoing to 0
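
One way to keep the outbound policy open only while the upload runs, as an added example that is not part of the original post. It assumes the host normally blocks outgoing traffic and uses esxcfg-firewall --blockOutgoing, the counterpart of the command above, to restore that state; the function name, the FW_CMD variable and the upload script path in the comment are hypothetical.

```shell
#!/bin/sh
# Added example: allow outgoing traffic only for the duration of one command.
# FW_CMD is an assumption; on the ESX service console it is esxcfg-firewall.
FW_CMD="${FW_CMD:-esxcfg-firewall}"

# with_outgoing_open COMMAND [ARGS...]
# Sets the outbound default to "allow", runs COMMAND, then sets it back to
# "block" whether COMMAND succeeds, fails, or is interrupted.
# Returns COMMAND's exit status, 2 if the policy could not be opened,
# or 64 if no command was given.
with_outgoing_open() {
    if [ "$#" -eq 0 ]; then
        echo "usage: with_outgoing_open command [args...]" >&2
        return 64
    fi

    "$FW_CMD" --allowOutgoing || {
        echo "could not open the outbound policy" >&2
        return 2
    }

    # Run the command in a subshell so the traps do not leak into the caller.
    (
        # Ctrl-C or kill still passes through the EXIT trap below.
        trap 'exit 130' INT TERM
        trap '"$FW_CMD" --blockOutgoing || echo "WARNING: outbound policy is still open" >&2' EXIT
        "$@"
        rc=$?
        exit "$rc"
    )
}

# Hypothetical cron usage (the upload script path is a placeholder):
#   with_outgoing_open /root/upload-log.sh
```

Calling the function from the cron job instead of leaving the policy open means blockOutgoing is 0 only while the FTP session is active.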

2 Responses to “ Enable outbound FTP ports on VMware ESX server. ”

  1. climanun on December 14, 2010 at 11:25 pm

    “Here is the VMware ESX command that will disable all outbound firewall policies.”
    Interesting. I would like details!

    • Andrew Lin on December 15, 2010 at 2:16 pm

      Please elaborate, what other details are you looking for?
