Sometimes I need to SSH jump to an ESXi host and tunnel RDP to an internal host across the SSH session.
Back up service.xml and make it writable:
cp /etc/vmware/firewall/service.xml /etc/vmware/firewall/service.xml.bak
chmod 644 /etc/vmware/firewall/service.xml
chmod +t /etc/vmware/firewall/service.xml
Open service.xml in vi and add the following towards the bottom (below service id 0037):
<!-- MY RDP -->
<service id='0038'>
<id>myrdp</id>
<rule>
<direction>outbound</direction>
<protocol>tcp</protocol>
<porttype>dst</porttype>
<port>3389</port>
</rule>
<enabled>false</enabled>
<required>false</required>
</service>
chmod 444 /etc/vmware/firewall/service.xml
esxcli network firewall refresh
esxcli network firewall ruleset list
esxcli network firewall ruleset set -e true -r myrdp
Now feel free to RDP via the SSH tunnel. I usually disable the rule afterwards via:
esxcli network firewall ruleset set -e false -r myrdp
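The enable, tunnel, disable sequence above can be wrapped so the myrdp rule is always switched off again when the tunnel closes. This is an added example, not part of the original note; it runs on the admin workstation and assumes root SSH access to the ESXi host, a hypothetical local port 13389, and host names you supply as arguments.

```shell
#!/bin/sh
# Added example: run from the admin workstation, not on the ESXi host.
# Usage (host names are placeholders): ./rdp-tunnel.sh ESXI_HOST RDP_HOST [LOCAL_PORT]
RULESET="myrdp"   # ruleset id defined in service.xml above

# Build the esxcli command that enables (true) or disables (false) the ruleset.
ruleset_cmd() {
    case "$1" in
        true|false)
            printf 'esxcli network firewall ruleset set -e %s -r %s' "$1" "$RULESET" ;;
        *)
            echo "ruleset_cmd: expected true or false" >&2; return 1 ;;
    esac
}

# Build the ssh -L spec. The listener is bound to 127.0.0.1 so the forwarded
# RDP port is not reachable by other machines on the workstation's network.
forward_spec() {
    # $1 = local port, $2 = internal RDP host
    case "$1" in
        ''|*[!0-9]*) echo "forward_spec: bad local port" >&2; return 1 ;;
    esac
    [ -n "$2" ] || { echo "forward_spec: missing RDP host" >&2; return 1; }
    printf '127.0.0.1:%s:%s:3389' "$1" "$2"
}

run_tunnel() {
    esxi="$1"; target="$2"; lport="${3:-13389}"
    spec=$(forward_spec "$lport" "$target") || return 1
    # Disable the rule on any exit path, including Ctrl-C or a dropped session.
    trap 'ssh "root@$esxi" "$(ruleset_cmd false)"' EXIT
    trap 'exit 130' INT TERM
    ssh "root@$esxi" "$(ruleset_cmd true)" || return 1
    echo "Point the RDP client at 127.0.0.1:$lport (Ctrl-C closes the tunnel)."
    # -N: no remote shell, forwarding only. Fail fast if the local port is taken.
    ssh -N -o ExitOnForwardFailure=yes -L "$spec" "root@$esxi"
}

# Only open a tunnel when both host arguments are given.
if [ "$#" -ge 2 ]; then
    run_tunnel "$@"
fi
```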