Remove cluster peering encryption from an existing peer relationship
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- Security and data encryption
- Data protection and disaster recovery
Collection of separate PDF docs
Creating your file...
By default, cluster peering encryption is enabled on all peer relationships created in ONTAP 9.6 or later. If you do not want to use encryption for cross-cluster peering communications, you can disable it.
-
On the destination cluster, modify communications with the source cluster to discontinue use of cluster peering encryption:
-
To remove encryption, but maintain authentication enter:
cluster peer modify <source_cluster> -auth-status-admin use-authentication -encryption-protocol-proposed none
-
To remove encryption and authentication:
-
Modify the cluster peering policy to allow unauthenticated access:
cluster peer policy modify -is-unauthenticated-access-permitted true
-
Modify encryption and authentication access:
cluster peer modify <source_cluster> -auth-status no-authentication
-
-
-
When prompted enter the passphrase.
-
Confirm the passphrase by re-entering it.
-
On the source cluster, disable encryption for communication with the destination cluster:
-
To remove encryption, but maintain authentication enter:
cluster peer modify <destination_cluster> -auth-status-admin use-authentication -encryption-protocol-proposed none
-
To remove encryption and authentication:
-
Modify the cluster peering policy to allow unauthenticated access:
cluster peer policy modify -is-unauthenticated-access-permitted true
-
Modify encryption and authentication access:
cluster peer modify <destination_cluster> -auth-status no-authentication
-
-
-
When prompted, enter and re-enter the same passphrase you used on the destination cluster.