Security group rules for Azure Edit on GitHub

Cloud Manager creates Azure security groups that include the inbound and outbound rules that Cloud Manager and ONTAP Cloud need to operate successfully. You might want to refer to the ports for testing purposes or if you prefer your to use own security groups.

Security group rules for Cloud Manager

Inbound rules

The source for inbound rules is 0.0.0.0/0.

Type Port range Purpose

SSH

22

SSH connections to Cloud Manager

HTTP

80

Accessing the Cloud Manager console

HTTPS

443

Accessing the Cloud Manager console

Outbound rules

Type Port range Purpose

All TCP

All

All outbound traffic

All UDP

All

All outbound traffic

Security group rules for ONTAP Cloud

Inbound rules

The source for inbound rules is 0.0.0.0/0.

Type Port range Purpose

All ICMP

All

Pinging the instance

Custom TCP Rule

111

Portmapper

Custom TCP Rule

139

NetBIOS

Custom TCP Rule

161-162

SNMP

Custom TCP Rule

445

Microsoft SMB

Custom TCP Rule

635

NFS mount

Custom TCP Rule

749

Kerberos

Custom TCP Rule

2049

NFS

Custom TCP Rule

3260

iSCSI

Custom TCP Rule

4045-4046

NFS mountd

Custom TCP Rule

10000

NDMP

Custom TCP Rule

11104-11105

Intercluster management and data

Custom UDP Rule

111

Portmapper

Custom UDP Rule

161-162

SNMP

Custom UDP Rule

635

NFS mount

Custom UDP Rule

2049

NFS

Custom UDP Rule

4045-4046

NFS mountd

HTTP

80

System Manager access

HTTPS

443

System Manager access

SSH

22

SSH to the CLI

Outbound rules

Type Port range Purpose

All ICMP

All

All outbound traffic (SnapMirror and SnapVault)

All TCP

All

All outbound traffic

All UDP

All

All outbound traffic