ESXi firewall

esxcli network firewall ruleset allowedip list

esxcli network firewall ruleset allowedip add -r VNC -i 54.3.5.1

esxcli network firewall ruleset set --ruleset-id VNC --enabled true -a false

esxcli network firewall ruleset rule list

esxcli network firewall load vnc vnc.xml vsanhealth.xml

esxcli network firewall refresh

/etc/vmware/firewall/

[root@ns3172330:/etc/vmware/firewall] more vnc.xml

<ConfigRoot>
<service id='0200'>
<id>VNC</id>
<rule id='0000'>
<direction>inbound</direction>
<protocol>tcp</protocol>
<porttype>dst</porttype>
<port>
<begin>5900</begin>
<end>6199</end>
</port>
</rule>
</service>
</ConfigRoot>