Troubleshooting an ESX Firewall Process that is not responding

Details

  • You cannot ping the ESX host.
  • You cannot successfully connect via SSH or the Virtual Infrastructure Client.
  • The ESX host may show as Not Responding in Virtual Center Management Server.
  • Pinging from the ESX host results in packet loss and returns the error Operation not permitted.

Solution

To check the status of the firewall process and restart the process:
  1. Log in to the ESX Server service console.
  2. Run the following command.

    ps -elf |grep -i firewall

  3. Look for the following process and note if the word "defunct" is present.

    root      xxxx  0.0  0.0     0    0 ?        Z    10:59   0:00 [esxcfg-firewall <defunct>]

  4. Reset the firewall with the following command.

    esxcfg-firewall -r

  The ESX Server firewall reloads and your connectivity resumes.
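
The check and reset above combined into one service-console script, as an added example that is not part of the KB article. The function names, the `--run` switch and the snapshot file are assumptions of this example; `esxcfg-firewall -q` is used only to record the settings in force before the reset.

```shell
#!/bin/sh
# Added example: check for a defunct esxcfg-firewall process, then reset.

# Constructed sample ps lines (not captured from a real host).
SAMPLE_ZOMBIE='root  4321  0.0  0.0   0   0 ?  Z  10:59  0:00 [esxcfg-firewall <defunct>]'
SAMPLE_GREP='root  4400  0.0  0.0  3684  652 pts/0  S  11:02  0:00 grep -i firewall'
SAMPLE_LIVE='root  4500  0.0  0.1  5000 1200 ?  S  11:03  0:00 /usr/sbin/esxcfg-firewall -q'

# Reads ps output on stdin. Succeeds only when an esxcfg-firewall process is
# marked <defunct>. The "grep -i firewall" process and a live esxcfg-firewall
# process also appear in the output of step 2 but must not trigger a reset.
has_defunct_firewall() {
    grep -q 'esxcfg-firewall.*<defunct>'
}

# Records the current firewall settings, then performs the reset from step 4.
reset_firewall() {
    umask 077
    # Hypothetical snapshot location; mktemp avoids a predictable name in /tmp.
    snap=$(mktemp /tmp/esxcfg-firewall-before.XXXXXX) || return 1
    # Assumption: the query still answers while the zombie process exists.
    esxcfg-firewall -q > "$snap" 2>&1 || echo "warning: query failed" >&2
    echo "settings before reset saved to $snap" >&2
    esxcfg-firewall -r
}

# Only act when explicitly asked to (--run is this example's own switch).
if [ "${1:-}" = "--run" ]; then
    if ps -elf | has_defunct_firewall; then
        reset_firewall
    else
        echo "no defunct esxcfg-firewall process; firewall not reset" >&2
        exit 1
    fi
fi
```

Without `--run` the script only defines the functions, so the detection can be tried against saved `ps` output first.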

Based on VMware KB 1003941