ESXi 6.0 Firewall can be easily managed from vSphere Web Client if you need to enabled or disabled a set of predefined ports (usually standard port).
How to Open non-standard ports on Esxi 6.0
In most cases you can manage firewall on esx from vsphere:
Manage > Security Profiles
Here you find a set of predefined Services and relative ports, if you need to enable or disable someone of these, just click EDIT on the top.
What if you need to add a new service with a new port lot listed in vsphere firewall?
If you are using ESXi 5.x you need to access esxi (using ssh) and modify /etc/vmware/firewall/service.xml (before editing this file it is necessary to set proper permission). The official procedure is the following:
Unfortunately it doesn’t work with esxi 6.0. To add a new service in Esxi 6 you don’t have to edit service.xml file but you need to create a new file “myservices.xml” with port and property defined inside.
For example I have “myservice” which need port 15001 tcp outbound, here is the file myservices.xml
<!-- Firewall configuration information for IL MY SERVICES -->
If you need to add more port for one services, just add a <rule> session increasing rule id and changing port number, if you need to add a new services, add a <service> session increasing service id.
In the end you need to reload firewall rules
#esxcli network firewall refresh