I am having an issue getting my ESXi servers to add to my DVS. At first I thought it was a DVS issue, but I turned the firewall off and they will add just fine. I have a locked-down environment (Feds) and I have an automated process that uses a deployment server and a build script. In that script it first denies all and then goes back in and adds the networks per service as needed. Nothing has changed that I can see, but this is an old script. When I go to add the server to the DVS in vSphere 6 (HP GEN10), the add times out and I have to restore the network settings from the DCUI and manually remove the server from the DVS to get it back. If I turn the firewall off, add the server, then turn the firewall back on, it seemed to work, but I can't trust that. I have looked through the settings and I can't find the firewall setting that is directly affecting this. Has anyone run into this before, or know what settings could be affecting the process?

# turn off allowed-all on all services
ALLOWED_ALL=`esxcli network firewall ruleset allowedip list|awk '{print $1}'|grep -v "\-\-"|grep -v "Ruleset"`
for ALLOWEDALL in ${ALLOWED_ALL}
do
    esxcli network firewall ruleset set --allowed-all false -r ${ALLOWEDALL}
done

# restrict following services to management networks
# (FIREWALL_CMD is not defined in this excerpt; MGMT_NETWORKS is redacted)
MGMT_SERVICES="webAccess vSphereClient sshServer sshClient ftpClient httpClient remoteSerialPort updateManager vpxHeartbeats HBR IKED ipfam gdbserver DVFilter DVSSync vSPC vprobeServer rdt cmmds vsanvp rabbitmqproxy"
MGMT_NETWORKS="127.0.0.1, My server network and my workstation network "
for MGMTSERVICE in ${MGMT_SERVICES}
do
    for MGMTNETWORK in ${MGMT_NETWORKS}
    do
        ${FIREWALL_CMD} ${MGMTSERVICE} --ip-address ${MGMTNETWORK}
    done
done
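
An added example, not part of the original post or the poster's build script: the script turns allowed-all off on every ruleset the host reports, but only the names in MGMT_SERVICES are passed to FIREWALL_CMD, so this audit lists rulesets left with no allowed address and rulesets the list never covers. The sample input is constructed, its two-column layout is assumed from the script's own awk/grep filter, and the exampleRuleset* names are hypothetical.

```shell
#!/bin/sh
# Added audit helper; not the poster's code.
# MGMT_SERVICES is copied verbatim from the script in the post.
MGMT_SERVICES="webAccess vSphereClient sshServer sshClient ftpClient httpClient remoteSerialPort updateManager vpxHeartbeats HBR IKED ipfam gdbserver DVFilter DVSSync vSPC vprobeServer rdt cmmds vsanvp rabbitmqproxy"

# Constructed sample of `esxcli network firewall ruleset allowedip list`
# output (assumed layout: header, dashed line, "<ruleset>  <addresses>").
# exampleRulesetA/B/C are hypothetical names; addresses are documentation ranges.
SAMPLE_ALLOWEDIP='Ruleset          Allowed IP Addresses
---------------  --------------------
sshServer        127.0.0.1, 192.0.2.0/24
DVSSync          127.0.0.1, 192.0.2.0/24
exampleRulesetA
exampleRulesetB
exampleRulesetC  192.0.2.10'

# Rulesets with allowed-all off and no address listed: no source can match them.
empty_rulesets() {
    awk '$1 == "Ruleset" || $1 ~ /^-+$/ { next }
         NF == 1 { print $1 }'
}

# Rulesets present on the host that the MGMT_SERVICES list never names,
# i.e. ones the build script locks down but never reopens.
uncovered_rulesets() {
    awk -v covered="$MGMT_SERVICES" '
        BEGIN { n = split(covered, a, " ")
                for (i = 1; i <= n; i++) seen[a[i]] = 1 }
        $1 == "Ruleset" || $1 ~ /^-+$/ { next }
        NF >= 1 && !($1 in seen) { print $1 }'
}

# Demo run against the constructed sample.
echo "No allowed address:"
printf '%s\n' "$SAMPLE_ALLOWEDIP" | empty_rulesets
echo "Not named in MGMT_SERVICES:"
printf '%s\n' "$SAMPLE_ALLOWEDIP" | uncovered_rulesets
```

On a host, pipe the output of `esxcli network firewall ruleset allowedip list` into either function after the build script has run.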