Ports used
The software uses a number of ports by default:
Port number | Protocol | Description |
---|---|---|
1689 |
TCP/IP |
Port for Java Management extension (JMX) traffic, disabled by default. |
1812 |
UDP |
Port for AM’s RADIUS server, disabled by default. |
4444 |
TCP/IP |
Port for the embedded administration connector, enabled by default. |
8080 |
TCP/IP |
Web application container port number. |
8082 |
TCP/IP |
HTTP port for monitoring AM, disabled by default. |
8085 |
TCP/IP |
SNMP port for monitoring AM, disabled by default. |
9999 |
TCP/IP |
RMI port for monitoring AM, disabled by default. |
50389, 50899, 58989 |
TCP/IP |
Supports LDAP communication between embedded AM data stores. |
Sometimes multiple services are configured on a single system with slightly different port numbers. For example, while the default port number for a servlet container, such as Tomcat, is 8080, a second instance of Tomcat might be configured with a port number of 18080. In all cases shown, communications proceed using the protocol shown in the table.
When you configure a firewall for AM, make sure to include open ports for any installed and related components, including web services (80, 443), servlet containers (8009, 8080, 8443), and external applications.
Additional ports may be used, depending on other components of your deployment. If you are using ForgeRock Directory Services, see Administrative access in the DS documentation, for the list of default ports used by DS.