Lobanz
So, I have TrueNAS SCALE up and running and I like it a lot.
I've segmented the network so that all the servers, admin interfaces, etc are segregated on a separate VLAN (SERVERS) from all the rest of the normal devices (CLIENTS). pfSense is doing the routing and such. Everything plugs into a Cisco SG-500 gigabit switch.
So I figured I would expose SMB services to the CLIENTS network via a VLAN interface on TrueNAS. Thought it would be faster than having to route through pfSense. So TrueNAS has an interface on the CLIENTS network and I moved the binding of all the management interfaces only on the SERVERS network. I also bound NFS only to the SERVERS network since that's the only place it's used.
So, I did an nmap scan of the TrueNAS CLIENTS IP and got the following:
Nmap scan report for nas-1
Host is up (0.0033s latency).
Not shown: 1989 closed ports
PORT STATE SERVICE
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3493/tcp open nut
5904/tcp open unknown
6000/tcp open X11
111/udp open rpcbind
123/udp open|filtered ntp
137/udp open netbios-ns
138/udp open|filtered netbios-dgm
5353/udp open|filtered zeroconf
So, I only wanted the Samba ports: 137/udp, 138/udp, 139/tcp and 445/tcp.
NFS is only bound to the SERVERS VLAN but for some reason it also shows up here.
I am using NUT, the built-in UPS software (with pfSense as a slave). There was no option to control the binding of NUT.
Not sure why X11 or "zeroconf" is showing up.
So, is there a way to close these ports? Or should I just route SMB thru pfSense?
Thanks!
--- Lobanz