Customizing ASE ports
ASE uses default ports as defined in the table below. If any port configured in ase.conf file is unavailable, ASE will not start.
| Port Number | Usage |
|---|---|
80 |
Data port. HTTP and WebSocket (ws) connections. If you are installing ASE as a non-root user, then use port greater than 1024. |
443 |
Data port. HTTPS and Secure WebSocket (wss) connections. If you are installing ASE as a non-root user, then use port greater than 1024. |
8010 |
Management port. Used by CLI and REST API for managing ASE. |
8020 |
Cluster port. Used by ASE internally to set up the cluster. |
8080 |
ABS port. Used by ASE for outbound connections to ABS for sending access logs and receive attack information. |
| The management ports 8010 and 8020 should not be exposed to the internet and are strictly for internal use. Make sure that these ports are behind your firewall. |
In an AWS environment, both management ports should be private in the Security Group for ASE.
Security Group “ase”:
port 80: Accessible from any client (note: not secure)
port 443: Accessible from any client
port 8010: Accessible from management systems and administrators
port 8020: Accessible from peer ASE nodes
NOTE: If you are setting up the deployment in an AWS environment with security groups, use private IPs for ABS connections to avoid security group issues.