PingIntelligence

Customizing ASE ports

ASE uses default ports as defined in the table below. If any port configured in ase.conf file is unavailable, ASE will not start.

Port Number Usage

80

Data port. HTTP and WebSocket (ws) connections. If you are installing ASE as a non-root user, then use port greater than 1024.

443

Data port. HTTPS and Secure WebSocket (wss) connections. If you are installing ASE as a non-root user, then use port greater than 1024.

8010

Management port. Used by CLI and REST API for managing ASE.

8020

Cluster port. Used by ASE internally to set up the cluster.

8080

ABS port. Used by ASE for outbound connections to ABS for sending access logs and receive attack information.

The management ports 8010 and 8020 should not be exposed to the internet and are strictly for internal use. Make sure that these ports are behind your firewall.

In an AWS environment, both management ports should be private in the Security Group for ASE.

Security Group “ase”:

port 80: Accessible from any client (note: not secure)

port 443: Accessible from any client

port 8010: Accessible from management systems and administrators

port 8020: Accessible from peer ASE nodes NOTE: If you are setting up the deployment in an AWS environment with security groups, use private IPs for ABS connections to avoid security group issues.