VMware ESXi includes a built in VNC server that can be used to access a VMs console for manipulation via automated tools (e.g., veewee) or by users on platforms where the vSphere Client is not supported. In ESXi 5.x, the built-in firewall does not allow VNC traffic to be received by the VNC server, even when an individual VM is configured to support this configuration. To complete this activity, the firewall has to be modified to allow the appropriate ports.
The below script can be run via the ESXi command line to setup the firewall rules necessary to run VNC. A few items to note:
- Scripts assumes the firewall rules file is the default provided as by 5.0.0 update 2 build 914586 and/or 5.1.0 build 799733 (may work in other versions)
- In order to persist settings after a reboot, it is necessary to copy the firewall settings to either a specific datastore mapped to the host, or the local persistent storage linked under the /store directory. Further, the either the
/etc/rc.local(ESXi 5.0) or `/etc/rc.local