D.1 Enabling VNC Access By Opening Multiple Firewall Ports

Use the following steps to enable the 59xx firewall ports for VNC access to vSphere 5 VM guest consoles:

  1. In your vSphere environment, log in to the vSphere Client, then select Home > Inventory > Hosts and Clusters.

  2. In the Hosts/Clusters tree view, select the ESXi host name that represents the server you want to open for VNC access.

  3. Select the Configuration tab, locate and open the Software list box, then select Security Profile.

  4. In the Firewall section, select the Properties link to display the Firewall Properties dialog box.

  5. In the dialog box, scroll to and select GDB Server, then click OK.

    Your ESXi server now allows VNC access to Guest VM consoles through its firewall.

    NOTE:If you are using vSphere 4.x or earlier, select VNC Server in the list box for this step.

  6. Repeat these steps for each ESXi host system.

The GDB Server setting covers the needed 59xx port range in its own port range, so when you enable firewall access for GDB Server, VNC services also become open. Extra open ports do not present a serious security problem, because a user rarely runs manual services that listen on those ports.

If you are concerned about these extra open ports, you can use the method for opening firewall ports explained in Section D.2, Enabling VNC Access by Creating a Special Configuration File.