Dell PowerStore 7000X EMC PowerStore Planning Guide - Page 25

Table 8. Appliance network ports related to file continued

Get Dell PowerStore 7000X PDF manuals and user guides View all Dell PowerStore 7000X manuals
Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

Table 8. Appliance network ports related to file (continued) Port Service Protocol Access Direction 389 LDAP TCP/UDP Outbound 445 Microsoft SMB TCP Inbound 464 Kerberos TCP/UDP Outbound 500 IPsec (IKEv2) UDP Bi-directional 636 1234 2000 2049 3268 4000 4001 LDAPS NFS mountd TCP/UDP TCP/UDP SSHD NFS I/O LDAP TCP TCP/UDP UDP STATD for NFSv3 TCP/UDP Outbound Bi-directional Inbound Bi-directional Outbound Bi-directional NLMD for NFSv3 TCP/UDP Bi-directional Description enabled, this port is open. It is specifically required for SMB v1. Unsecure LDAP queries. If closed, Unsecure LDAP authentication queries will be unavailable. Secure LDAP is configurable as an alternative. SMB (on domain controller) and SMB connectivity port for Windows 2000 and later clients. Clients with legitimate access to the appliance SMB services must have network connectivity to the port for continued operation. Disabling this port disables all SMB related services. If port 139 is also disabled, SMB file sharing is disabled. Required for Kerberos authentication services and SMB. To make IPSec work through your firewalls, open UDP port 500 and permit IP protocol numbers 50 and 51 on both inbound and outbound firewall filters. UDP Port 500 should be opened to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be forwarded through your firewalls. IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. IP protocol ID 51 should be set to allow Authentication Header (AH) traffic to be forwarded. If closed, IPsec connection between PowerStore appliances will be unavailable. Secure LDAP queries. If closed, secure LDAP authentication will be unavailable. Used for the mount service, which is a core component of the NFS service (versions 2, 3, and 4). SSHD for serviceability (optional) Used to provide NFS services. Unsecure LDAP queries. If closed, Unsecure LDAP authentication queries will be unavailable. Used to provide NFS statd services. statd is the NFS file-locking status monitor and works in conjunction with lockd to provide crash and recovery functions for NFS. If closed, NAS statd services will be unavailable. Used to provide NFS lockd services. lockd is the NFS file-locking daemon. It processes lock requests from NFS clients and works in conjunction with the statd Port Usage 25

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
Table 8. Appliance network ports related to file (continued)
Port
Service
Protocol
Access Direction
Description
enabled, this port is open. It is specifically
required for SMB v1.
389
LDAP
TCP/UDP
Outbound
Unsecure LDAP queries. If closed,
Unsecure LDAP authentication queries will
be unavailable. Secure LDAP is
configurable as an alternative.
445
Microsoft SMB
TCP
Inbound
SMB (on domain controller) and SMB
connectivity port for Windows 2000 and
later clients. Clients with legitimate
access to the appliance SMB services
must have network connectivity to the
port for continued operation. Disabling
this port disables all SMB related services.
If port 139 is also disabled, SMB file
sharing is disabled.
464
Kerberos
TCP/UDP
Outbound
Required for Kerberos authentication
services and SMB.
500
IPsec (IKEv2)
UDP
Bi-directional
To make IPSec work through your
firewalls, open UDP port 500 and permit
IP protocol numbers 50 and 51 on both
inbound and outbound firewall filters. UDP
Port 500 should be opened to allow
Internet Security Association and Key
Management Protocol (ISAKMP) traffic
to be forwarded through your firewalls. IP
protocol ID 50 should be set to allow
IPSec Encapsulating Security Protocol
(ESP) traffic to be forwarded. IP protocol
ID 51 should be set to allow
Authentication Header (AH) traffic to be
forwarded. If closed, IPsec connection
between PowerStore appliances will be
unavailable.
636
LDAPS
TCP/UDP
Outbound
Secure LDAP queries. If closed, secure
LDAP authentication will be unavailable.
1234
NFS mountd
TCP/UDP
Bi-directional
Used for the mount service, which is a
core component of the NFS service
(versions 2, 3, and 4).
2000
SSHD
TCP
Inbound
SSHD for serviceability (optional)
2049
NFS I/O
TCP/UDP
Bi-directional
Used to provide NFS services.
3268
LDAP
UDP
Outbound
Unsecure LDAP queries. If closed,
Unsecure LDAP authentication queries will
be unavailable.
4000
STATD for NFSv3
TCP/UDP
Bi-directional
Used to provide NFS statd services. statd
is the NFS file-locking status monitor and
works in conjunction with lockd to provide
crash and recovery functions for NFS. If
closed, NAS statd services will be
unavailable.
4001
NLMD for NFSv3
TCP/UDP
Bi-directional
Used to provide NFS lockd services. lockd
is the NFS file-locking daemon. It
processes lock requests from NFS clients
and works in conjunction with the statd
Port Usage
25