You can't access your file system - FSx for ONTAP

You can't access your file system

There are a number of potential causes for being unable to access your file system, each with their own resolution, as follows.

The file system elastic network interface was modified or deleted

You must not modify or delete any of the file system's elastic network interfaces. Modifying or deleting a network interface can cause a permanent loss of connection between your VPC and your file system. Create a new file system, and do not modify or delete the Amazon FSx elastic network interface. For more information, see File System Access Control with Amazon VPC .

The file system security group lacks the required inbound rules

Review the inbound rules specified in Amazon VPC security groups, and make sure that the security group associated with your file system has the corresponding inbound rules.

The compute instance's security group lacks the required outbound rules

Review the outbound rules specified in Amazon VPC security groups, and make sure that the security group associated with your compute instance has the corresponding outbound rules.

The compute instance's subnet doesn't use any of the route tables associated with your file system

Amazon FSx for NetApp ONTAP creates endpoints for accessing your file system in a VPC route table. You should configure your file system to use all the VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx uses your VPC's main route table, or you can optionally specify one or more route tables for Amazon FSx to use when you create your file system.

If you can ping your file system's Intercluster endpoint but cannot ping your file system's Management endpoint (see File system endpoints for more information), your client is likely not in a subnet that's associated with one of your file system's route tables. You can access your file system by associating one of your file system's route tables with your client's subnet

Can't access a file system over iSCSI from a client in another VPC

To access a file system over iSCSI from a client in another VPC, you can configure Amazon VPC Peering or AWS Transit Gateway between the VPC associated with your file system and the VPC in which your client resides. See Create and accept VPC peering connections in the Amazon Virtual Private Cloud guide for more information

Can't access a file system over NFS, SMB, the ONTAP CLI, or the ONTAP REST API from a client in another VPC or on-premises

To access a file system over NFS, SMB, or the ONTAP CLI and REST API from a client in another VPC or on premises, you must configure routing using AWS Transit Gateway between the VPC associated with your file system and the network in which your client resides. See Supported access environments for more information.