ONTAP Discussions

Restricting NetApp Administration

TMADOCTHOMAS

In the old 7-mode days, you could create a list of IP addresses on a filer that would restrict administration to someone coming from one of those IP's.

 

In cluster mode, you can do the same with the SP:

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-6FE269CD-335F-47C0-B9F7-6EF6E2546E52.html

 

However, I've not found anything to indicate this can be done for regular SSH access or System Manager access. Does anyone know if this type of restriction exists?

1 ACCEPTED SOLUTION

jcolonfzenpr
4 REPLIES 4

jcolonfzenpr

TMADOCTHOMAS

Interesting! Thank you @jcolonfzenpr . I am aware of firewall policies but have never fooled with them.

 

So essentially I could modify the default "mgmt" policy, which applies to all management LIFs, and change the allow-list to the IP's I want to have access? And that would prevent other IP's from SSH'ing in or accessing via System Manager (assuming I apply to all services)? Am I understanding this right?

Correct. Just modify the firewall and you'll be good to go.

Thank you @paul_stejskal !

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public