Scenario 22
< Back | Next>
Scenario:
You are responsible for securing a vSphere environment. You are required to enable SSH on all ESXi hosts, but you want to secure it. You want to ensure that SSH access is permitted only from a specific set of IP addresses.
Requirements:
- Modify the ESXi host such that it permits SSH connections only from a specific set of IP addresses.
Environment Information:
- ESXi host: host-02.lab.local
- IP addresses that are permitted for SSH: 192.168.1.21, 192.168.1.31
Objective: : 7.2 Configure and Maintain the ESXi Firewall
Guide Reference(s):
Click Here For Solution
Solution
- Use the vSphere Client to navigate to Inventory > Hosts and Clusters.
- Select the ESXi host.
- Select the Configuration tab > Security Profile.
- In the Firewall section, click Properties.
- Select the SSH service and click the Firewall button.
- Check the Only allow connections from the following networks box.
- In the text box, enter 192.168.1.21, 192.168.1.31.
- Click OK.