ONTAP Discussions

Restricting NetApp Administration

TMADOCTHOMAS

In the old 7-mode days, you could create a list of IP addresses on a filer that would restrict administration to someone coming from one of those IP's.

 

In cluster mode, you can do the same with the SP:

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-6FE269CD-335F-47C0-B9F7-6EF6E2546E52.html

 

However, I've not found anything to indicate this can be done for regular SSH access or System Manager access. Does anyone know if this type of restriction exists?

4 REPLIES 4

Re: Restricting NetApp Administration

jcolonfzenpr

Re: Restricting NetApp Administration

TMADOCTHOMAS

Interesting! Thank you @jcolonfzenpr . I am aware of firewall policies but have never fooled with them.

 

So essentially I could modify the default "mgmt" policy, which applies to all management LIFs, and change the allow-list to the IP's I want to have access? And that would prevent other IP's from SSH'ing in or accessing via System Manager (assuming I apply to all services)? Am I understanding this right?

Re: Restricting NetApp Administration

paul_stejskal

Correct. Just modify the firewall and you'll be good to go.

Re: Restricting NetApp Administration

TMADOCTHOMAS

Thank you @paul_stejskal !

Earn Rewards for Your Review!
GPI Review Banner
All Community Forums
Public