Ports Used
The software uses a number of ports by default.
Default ports are shown in the following table:
Port Number | Protocol | Description |
---|---|---|
1689 | TCP/IP | Port for Java Management eXtension traffic, disabled by default |
1812 | UDP | Port for AM's RADIUS server, disabled by default |
4444 | TCP/IP | Port for the embedded administration connector, enabled by default. |
8080 | TCP/IP | Web application container port number |
8082 | TCP/IP | HTTP port for monitoring AM, disabled by default |
8085 | TCP/IP | SNMP port for monitoring AM, disabled by default |
9999 | TCP/IP | RMI port for monitoring AM, disabled by default. |
50389, 50899, 58989 | TCP/IP | Supports LDAP communication between embedded AM data stores. |
Sometimes multiple services are configured on a single system with slightly different port numbers. For example, while the default port number for a servlet container such as Tomcat is 8080, a second instance of Tomcat might be configured with a port number of 18080. In all cases shown, communications proceed using the protocol shown in the table.
When you configure a firewall for AM, make sure to include open ports for any installed and related components, including web services (80, 443), servlet containers (8009, 8080, 8443), and external applications.
Additional ports may be used, depending on other components of your deployment. If you are using external DS servers, refer to the Administrative Access section of the ForgeRock Directory Services Security Guide.