ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP

JohnOBrien
‎2017-08-17 06:55 AM
6,301 Views

HI All,

 

Going through a security review for Ontap 9.1 P1 and have been asked to explain what these ports are and why they are needed?

 

CIFS witness port 40001/TCP

HTTPS Port - Listening binary protocol 5986/UDP

 

Sec were given the ONTAP port usage on a storage system table from the guide:

 

Ontap 9 Network Management Guide https://library.netapp.com/ecm/ecm_download_file/ECMLP2492610

 

They are listed in the Ontap 9 Network Management Guide with no explination, also blind searches of the Internet and now.netapp.com have provided fruitless.

 

grateful for any help,

 

John

 

0 Kudos
View By:
1 ACCEPTED SOLUTION

AlexDawson
A-Team Tech Advisor A-Team Tech Advisor
‎2017-08-17 10:10 PM
6,266 Views

Hi there!

 

Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html

 

Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.

 

Hope this helps!

View solution in original post

2 REPLIES 2

AlexDawson
A-Team Tech Advisor A-Team Tech Advisor
‎2017-08-17 10:10 PM
6,267 Views

Hi there!

 

Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html

 

Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.

 

Hope this helps!

JohnOBrien
‎2017-08-18 04:44 AM
In response to AlexDawson
6,251 Views

Thanks Alex!

0 Kudos
All Community Forums
Public