Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

Restrict CIFS access based on IP address

cjeff
NetApp Alumni
‎2010-01-12 07:42 PM
6,248 Views

Hi there,

My customer wants to restrict CIFS access based on IP address, is this link the only solution?

https://now.netapp.com/Knowledgebase/solutionarea.asp?id=ntapcs1272

Can MultiStore do this?

Thanks,

Jeff

0 Kudos
View By:
1 ACCEPTED SOLUTION

adamfox
NetApp Alumni
‎2010-01-13 08:09 AM
6,248 Views

I suppose it depends on what you mean.  I can think of 2 ways to do this.

1.  Only allow access to cifs shares based on CLIENT IPs.  In this case only a set of client addresses can access a particular share, but the request can come in on any interface on the storage.

2.  Only allow access to cifs shares based on SERVER (i.e. controller) IP.  So if a client connects to 10.1.1.2, they get access to a set of CIFS shares regardless of where they come from.  Coming into a controller on a different address would give access to different shares, or other services.

If you want to do #1, then the article you referenced is the answer.  If you want to do #2, MultiStore could be the answer or starting in either 7.2 or 7.3 you can restrict protocols on particular interfaces which could also be a solution.

So, it depends. (don't you just hate that?)

Hope this helps.

View solution in original post

0 Kudos
2 REPLIES 2

adamfox
NetApp Alumni
‎2010-01-13 08:09 AM
6,249 Views

I suppose it depends on what you mean.  I can think of 2 ways to do this.

1.  Only allow access to cifs shares based on CLIENT IPs.  In this case only a set of client addresses can access a particular share, but the request can come in on any interface on the storage.

2.  Only allow access to cifs shares based on SERVER (i.e. controller) IP.  So if a client connects to 10.1.1.2, they get access to a set of CIFS shares regardless of where they come from.  Coming into a controller on a different address would give access to different shares, or other services.

If you want to do #1, then the article you referenced is the answer.  If you want to do #2, MultiStore could be the answer or starting in either 7.2 or 7.3 you can restrict protocols on particular interfaces which could also be a solution.

So, it depends. (don't you just hate that?)

Hope this helps.

0 Kudos

cjeff
NetApp Alumni
‎2010-01-13 08:22 AM
In response to adamfox
6,248 Views

I mean the first, thanks.

0 Kudos
All Community Forums
Public