Default firewall settings apply to traffic that does not match any of the user-defined firewall rules.

The default firewall rule allows all L3 and L2 traffic to pass through all clusters in your infrastructure. The default rule is always at the bottom of the rules table; it cannot be deleted, and nothing can be added to it. However, you can change the Action element of the rule from Allow to Block, add comments for the rule, and indicate whether traffic for that rule should be logged.


1. Log in to the vSphere Web Client.

2. Click Networking & Security and then click Firewall.

3. Expand the Default Section and make the required changes.

   You can only edit Action and Log, or add comments to the default rule.