Oracle Cloud Infrastructure Documentation

Configuring VCN Security List Rules for File Storage

When you create a VCN, a default security list is also created. Rules in the security list are used to allow or deny traffic to a subnet. Before you can mount a file system, you must configure security list rules to allow traffic to the mount target subnet. File Storage requires stateful ingress to TCP ports 111, 2048, 2049, and 2050 and stateful ingress to UDP ports 111 and 2048. File storage also requires stateful egress from TCP ports 111, 2048, 2049, and 2050 and stateful egress from UDP port 111.

This image shows the correct ingress rules for File Storage.

This image shows the correct egress rules for File Storage

See Security Lists for more information about how security lists work in Oracle Cloud Infrastructure. See About Security for information about how security lists work with other types of security in File Storage.

Required IAM Service Policy

To use Oracle Cloud Infrastructure, you must be given the required type of access in a An IAM document that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you try to perform an action and get a message that you don’t have permission or are unauthorized, confirm with your administrator the type of access you've been granted and which A collection of related resources that can be accessed only by certain groups that have been given permission by an administrator in your organization. you should work in.

For administrators: The policy in Let network admins manage a cloud network covers management of all networking components, including security lists. See the Policy Reference for more information.

If you're new to policies, see Getting Started with Policies and Common Policies.

Using the Console

To configure security list rules for mount target traffic