Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP
2017-08-17
06:55 AM
5,828 Views
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI All,
Going through a security review for Ontap 9.1 P1 and have been asked to explain what these ports are and why they are needed?
CIFS witness port 40001/TCP
HTTPS Port - Listening binary protocol 5986/UDP
Sec were given the ONTAP port usage on a storage system table from the guide:
Ontap 9 Network Management Guide https://library.netapp.com/ecm/ecm_download_file/ECMLP2492610
They are listed in the Ontap 9 Network Management Guide with no explination, also blind searches of the Internet and now.netapp.com have provided fruitless.
grateful for any help,
John
Solved! See The Solution
1 ACCEPTED SOLUTION
JohnOBrien has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there!
Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html
Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.
Hope this helps!
2 REPLIES 2
JohnOBrien has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there!
Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html
Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.
Hope this helps!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Alex!
