Dell PowerStore 1000T EMC PowerStore Security Configuration Guide - Page 29
Table 3. Appliance network ports related to file continued, Service, Protocol, Access Direction
View all Dell PowerStore 1000T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 29 highlights
Table 3. Appliance network ports related to file (continued) Port Service Protocol Access Direction 464 Kerberos TCP/UDP Outbound 500 IPsec (IKEv2) UDP Bi-directional 636 1234 2000 2049 3268 4000 4001 4002 4003 4658 8888 LDAPS NFS mountd TCP/UDP TCP/UDP SSHD NFS I/O LDAP TCP TCP/UDP UDP STATD for NFSv3 TCP/UDP Outbound Bi-directional Inbound Bi-directional Outbound Bi-directional NLMD for NFSv3 TCP/UDP Bi-directional RQUOTAD for NFSv3 TCP/UDP; UDP Inbound; Outbound XATTRPD (extended TCP/UDP file attribute) PAX (NAS server TCP archive) RCPD (replication TCP data path) Inbound Inbound Inbound Description network connectivity to the port for continued operation. Disabling this port disables all SMB related services. If port 139 is also disabled, SMB file sharing is disabled. Required for Kerberos authentication services and SMB. To make IPSec work through your firewalls, open UDP port 500 and permit IP protocol numbers 50 and 51 on both inbound and outbound firewall filters. UDP Port 500 should be opened to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be forwarded through your firewalls. IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. IP protocol ID 51 should be set to allow Authentication Header (AH) traffic to be forwarded. If closed, IPsec connection between PowerStore appliances will be unavailable. Secure LDAP queries. If closed, secure LDAP authentication will be unavailable. Used for the mount service, which is a core component of the NFS service (versions 2, 3, and 4). SSHD for serviceability (optional) Used to provide NFS services. Unsecure LDAP queries. If closed, Unsecure LDAP authentication queries will be unavailable. Used to provide NFS statd services. statd is the NFS file-locking status monitor and works in conjunction with lockd to provide crash and recovery functions for NFS. If closed, NAS statd services will be unavailable. Used to provide NFS lockd services. lockd is the NFS file-locking daemon. It processes lock requests from NFS clients and works in conjunction with the statd daemon. If closed, NAS lockd services will be unavailable. Used to provide NFS rquotad services. The rquotad daemon provides quota information to NFS clients that have mounted a file system. If closed, NAS rquotad services will be unavailable. Required for managing file attributes in a multi-protocol environment. PAX is an appliance archive protocol that works with standard UNIX tape formats. Used by the replicator (on the secondary side). It is left open by the replicator as soon Communication security settings 29