Dell PowerStore 1200T EMC PowerStore Planning Guide - Page 28

Table 12. Appliance network ports related to file continued

Page 28 highlights

Table 12. Appliance network ports related to file (continued) Port Service Protocol Access Direction otherwise, host service) 123 NTP UDP Outbound 135 Microsoft RPC TCP Inbound 137 Microsoft Netbios UDP; TCP/UDP Inbound; Outbound WINS 138 Microsoft Netbios UDP Outbound BROWSE 139 Microsoft SMB TCP Bi-directional 162 or between 1024 - 49151 SNMP 389 LDAP UDP Outbound TCP/UDP Outbound 445 Microsoft SMB TCP Inbound 464 Kerberos TCP/UDP Outbound 500 IPsec (IKEv2) UDP Bi-directional Description stopped. By definition, if a client system has network connectivity to the port, it can query it. No authentication is performed. NTP time synchronization. If closed, time will not be synchronized among appliances. Multiple purposes for Microsoft Client. The NETBIOS Name Service is associated with the appliance SMB file sharing services and is a core component of that feature (Wins). If disabled, this port disables all SMB related services. The NETBIOS Datagram Service is associated with the appliance SMB file sharing services and is a core component of that feature. Only Browse service is used. If disabled, this port disables Browsing capability. The NETBIOS Session Service is associated with appliance SMB file sharing services and is a core component of that functionality. If SMB services are enabled, this port is open. It is specifically required for SMB v1. SNMP communications. If closed, storage system alert mechanisms which rely on SNMP will not be sent. The default port set for SNMP is 162. Unsecure LDAP queries. If closed, Unsecure LDAP authentication queries will be unavailable. Secure LDAP is configurable as an alternative. SMB (on domain controller) and SMB connectivity port for Windows 2000 and later clients. Clients with legitimate access to the appliance SMB services must have network connectivity to the port for continued operation. Disabling this port disables all SMB related services. If port 139 is also disabled, SMB file sharing is disabled. Required for Kerberos authentication services and SMB. To make IPSec work through your firewalls, open UDP port 500 and permit IP protocol numbers 50 and 51 on both inbound and outbound firewall filters. UDP Port 500 should be opened to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be forwarded through your firewalls. IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. 28 Port usage

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34

Table 12. Appliance network ports related to file (continued)
Port
Service
Protocol
Access Direction
Description
otherwise, host
service)
stopped. By definition, if a client system
has network connectivity to the port,
it can query it. No authentication is
performed.
123
NTP
UDP
Outbound
NTP time synchronization. If closed,
time will not be synchronized among
appliances.
135
Microsoft RPC
TCP
Inbound
Multiple purposes for Microsoft Client.
137
Microsoft Netbios
WINS
UDP; TCP/UDP
Inbound; Outbound
The NETBIOS Name Service is associated
with the appliance SMB file sharing
services and is a core component of
that feature (Wins). If disabled, this port
disables all SMB related services.
138
Microsoft Netbios
BROWSE
UDP
Outbound
The NETBIOS Datagram Service is
associated with the appliance SMB file
sharing services and is a core component
of that feature. Only Browse service
is used. If disabled, this port disables
Browsing capability.
139
Microsoft SMB
TCP
Bi-directional
The NETBIOS Session Service is
associated with appliance SMB file
sharing services and is a core component
of that functionality. If SMB services are
enabled, this port is open. It is specifically
required for SMB v1.
162 or between
1024 - 49151
SNMP
UDP
Outbound
SNMP communications. If closed, storage
system alert mechanisms which rely on
SNMP will not be sent. The default port
set for SNMP is 162.
389
LDAP
TCP/UDP
Outbound
Unsecure LDAP queries. If closed,
Unsecure LDAP authentication queries
will be unavailable. Secure LDAP is
configurable as an alternative.
445
Microsoft SMB
TCP
Inbound
SMB (on domain controller) and SMB
connectivity port for Windows 2000
and later clients. Clients with legitimate
access to the appliance SMB services
must have network connectivity to the
port for continued operation. Disabling
this port disables all SMB related services.
If port 139 is also disabled, SMB file
sharing is disabled.
464
Kerberos
TCP/UDP
Outbound
Required for Kerberos authentication
services and SMB.
500
IPsec (IKEv2)
UDP
Bi-directional
To make IPSec work through your
firewalls, open UDP port 500 and permit
IP protocol numbers 50 and 51 on both
inbound and outbound firewall filters.
UDP Port 500 should be opened to
allow Internet Security Association and
Key Management Protocol (ISAKMP)
traffic to be forwarded through your
firewalls. IP protocol ID 50 should be
set to allow IPSec Encapsulating Security
Protocol (ESP) traffic to be forwarded.
28
Port usage