https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163291#M37329 <P>Thank you&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/45689">@paul_stejskal</a>&nbsp;!</P> Mon, 25 Jan 2021 15:55:07 GMT TMADOCTHOMAS 2021-01-25T15:55:07Z https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163133#M37290 <P>In the old 7-mode days, you could create a list of IP addresses on a filer that would restrict administration to someone coming from one of those IP's.</P><P>&nbsp;</P><P>In cluster mode, you can do the same with the SP:</P><P>&nbsp;</P><P><SPAN><A href="https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-6FE269CD-335F-47C0-B9F7-6EF6E2546E52.html" target="_blank">https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-6FE269CD-335F-47C0-B9F7-6EF6E2546E52.html</A></SPAN></P><P>&nbsp;</P><P><SPAN>However, I've not found anything to indicate this can be done for regular SSH access or System Manager access. Does anyone know if this type of restriction exists?</SPAN></P> Wed, 04 Jun 2025 10:38:02 GMT https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163133#M37290 TMADOCTHOMAS 2025-06-04T10:38:02Z https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163138#M37294 <P>You can define service policies or&nbsp;<SPAN>services firewall policy.</SPAN></P><P>&nbsp;</P><P><SPAN><A href="http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-nmg%2FGUID-09329781-2E57-49E5-B052-EC4D6FEBB41B.html" target="_blank">http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-nmg%2FGUID-09329781-2E57-49E5-B052-EC4D6FEBB41B.html</A></SPAN></P> Thu, 21 Jan 2021 18:27:20 GMT https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163138#M37294 jcolonfzenpr 2021-01-21T18:27:20Z https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163140#M37295 <P>Interesting! Thank you&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/81067">@jcolonfzenpr</a>&nbsp;. I am aware of firewall policies but have never fooled with them.</P><P>&nbsp;</P><P>So essentially I could modify the default "mgmt" policy, which applies to all management LIFs, and change the allow-list to the IP's I want to have access? And that would prevent other IP's from SSH'ing in or accessing via System Manager (assuming I apply to all services)? Am I understanding this right?</P> Thu, 21 Jan 2021 18:47:20 GMT https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163140#M37295 TMADOCTHOMAS 2021-01-21T18:47:20Z https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163286#M37324 <P>Correct. Just modify the firewall and you'll be good to go.</P> Mon, 25 Jan 2021 15:40:33 GMT https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163286#M37324 paul_stejskal 2021-01-25T15:40:33Z https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163291#M37329 <P>Thank you&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/45689">@paul_stejskal</a>&nbsp;!</P> Mon, 25 Jan 2021 15:55:07 GMT https://community.netapp.com/t5/ONTAP-Discussions/Restricting-NetApp-Administration/m-p/163291#M37329 TMADOCTHOMAS 2021-01-25T15:55:07Z