This documentation is for WSO2 Private PaaS 4.0.0. View documentation for the latest release.
Required Ports - WSO2 Private PaaS 4.0.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

When you are creating a security group, you need to enable the following ports:

In a production environment it is recommended to use the HTTPS port instead of the HTTP port.

Port#Port DescriptionSuggestions for Access Restrictions
Common Ports
22SSH port. Clients will use this port to ssh into the EC2 instance. Open to outside access
Private PaaS Instance
9443 HTTPS port to access the WSO2 Private PaaS Management Console.Open to outside access
9763 HTTP port to access the WSO2 Private PaaS Management Console.Open to outside access
9444Management console port to BAM server.Open to outside access
8291

GitBlit HTTP port.

This port is optional as it is only needed if GitBlit is used.

Open to outside access
8443

GitBlit HTTPS port.

This port is optional as it is only needed if GitBlit is used.


Open to outside access

8140Puppet Master port.Open to outside access
3306MySQL port.Open to outside access
7711

Cartridge agents publish statistics to CEP.

If CEP and BAM are both being used, then you need to enable port offset in one of the products.

Open to outside access
7711

Carbon products publish logs to BAM.

If CEP and BAM are both being used, then you need to enable port offset in one of the products.

 

Open to outside access
61616ActiveMQ portOpen to outside access
Carbon Cartridge Instances  
80, 8280Load Balancer HTTP proxy port.Open to outside access
443, 8243Load Balancer HTTPS proxy port.Open to outside access
9443 HTTPS port to access the Management Console.Open to outside access
9763 HTTP port to access the Management Console.Open to outside access
4000Hazlecast port for clustering products.Restricted internal access
8280 HTTP port for Pass-Through transport of ESB or APIM.Open to outside access
8243 HTTPS port for Pass-Through transport of ESB or APIM.Open to outside access

If all the instances are fronted by Load Balancer then only the Load Balancer port needs to be open to outside access and all other ports can be restricted to internal access.

  • No labels