This documentation is for a previous release of Cloud Manager. Go to the docs for the latest release.
Security group rules for Azure
Contributors
Cloud Manager creates Azure security groups that include the inbound and outbound rules that Cloud Manager and ONTAP Cloud need to operate successfully. You might want to refer to the ports for testing purposes or if you prefer your to use own security groups.
Security group rules for Cloud Manager
Inbound rules
The source for inbound rules is 0.0.0.0/0.
| Type | Port range | Purpose |
|---|---|---|
SSH |
22 |
SSH connections to Cloud Manager |
HTTP |
80 |
Accessing the Cloud Manager console |
HTTPS |
443 |
Accessing the Cloud Manager console |
Outbound rules
| Type | Port range | Purpose |
|---|---|---|
All TCP |
All |
All outbound traffic |
All UDP |
All |
All outbound traffic |
Security group rules for ONTAP Cloud
Inbound rules
The source for inbound rules is 0.0.0.0/0.
| Type | Port range | Purpose |
|---|---|---|
All ICMP |
All |
Pinging the instance |
Custom TCP Rule |
111 |
Portmapper |
Custom TCP Rule |
139 |
NetBIOS |
Custom TCP Rule |
161-162 |
SNMP |
Custom TCP Rule |
445 |
Microsoft SMB |
Custom TCP Rule |
635 |
NFS mount |
Custom TCP Rule |
749 |
Kerberos |
Custom TCP Rule |
2049 |
NFS |
Custom TCP Rule |
3260 |
iSCSI |
Custom TCP Rule |
4045-4046 |
NFS mountd |
Custom TCP Rule |
10000 |
NDMP |
Custom TCP Rule |
11104-11105 |
Intercluster management and data |
Custom UDP Rule |
111 |
Portmapper |
Custom UDP Rule |
161-162 |
SNMP |
Custom UDP Rule |
635 |
NFS mount |
Custom UDP Rule |
2049 |
NFS |
Custom UDP Rule |
4045-4046 |
NFS mountd |
HTTP |
80 |
System Manager access |
HTTPS |
443 |
System Manager access |
SSH |
22 |
SSH to the CLI |
Outbound rules
| Type | Port range | Purpose |
|---|---|---|
All ICMP |
All |
All outbound traffic (SnapMirror and SnapVault) |
All TCP |
All |
All outbound traffic |
All UDP |
All |
All outbound traffic |