2V0-622 · Question #228
An administrator creates a custom ESXi firewall rule using an XML file, however the rules do not appear in the vSphere Web Client. Which action should the administrator take to correct the problem?
The correct answer is B. Load the new rules using esxcli network firewall refresh.. The esxcli network firewall refresh command reloads firewall rule XML files on a live ESXi host, making new custom rules immediately visible without a reboot.
Question
An administrator creates a custom ESXi firewall rule using an XML file, however the rules do not appear in the vSphere Web Client. Which action should the administrator take to correct the problem?
Options
- ALoad the new rules using esxcli network firewall reload.
- BLoad the new rules using esxcli network firewall refresh.
- CVerify the entries in the XML file and then reboot the ESXi host.
- DRemove the ESXi host from the inventory and add it back.
How the community answered
(30 responses)- A10% (3)
- B83% (25)
- C3% (1)
- D3% (1)
Why each option
The esxcli network firewall refresh command reloads firewall rule XML files on a live ESXi host, making new custom rules immediately visible without a reboot.
esxcli network firewall reload reloads the firewall module and its currently cached configuration but does not re-read or pick up newly added XML rule definition files.
Running esxcli network firewall refresh causes ESXi to re-read all XML rule definition files from the firewall configuration directory and apply any new or changed entries immediately. This is the correct and non-disruptive method for activating newly placed custom firewall XML rules so they appear in the vSphere Web Client.
A full host reboot is unnecessary because the esxcli refresh command is designed to apply new rules on a running host without downtime.
Removing and re-adding the host from inventory is a disruptive administrative action with no effect on loading local firewall rule XML files.
Concept tested: ESXi custom firewall XML rule activation via esxcli refresh
Source: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.security.doc/GUID-7A8BEFC8-BF86-49B5-AE8E-5DF72F5B5A6B.html
Topics
Community Discussion
No community discussion yet for this question.