Solved: Re: cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP

JohnOBrien · ‎2017-08-17

HI All,

Going through a security review for Ontap 9.1 P1 and have been asked to explain what these ports are and why they are needed?

CIFS witness port 40001/TCP

HTTPS Port - Listening binary protocol 5986/UDP

Sec were given the ONTAP port usage on a storage system table from the guide:

Ontap 9 Network Management Guide https://library.netapp.com/ecm/ecm_download_file/ECMLP2492610

They are listed in the Ontap 9 Network Management Guide with no explination, also blind searches of the Internet and now.netapp.com have provided fruitless.

grateful for any help,

John

AlexDawson · ‎2017-08-17

Hi there!

Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html

Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.

Hope this helps!

View solution in original post

AlexDawson · ‎2017-08-17

Hi there!

Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html

Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.

Hope this helps!

JohnOBrien · ‎2017-08-18

Thanks Alex!