---
title: Customizing ASE ports
description: ASE uses default ports as defined in the table below. If any port configured in ase.conf file is unavailable, ASE will not start.
component: pingintelligence
version: 5.1
page_id: pingintelligence:api_security_enforcer:pingintelligence_customizing_ase_ports
canonical_url: https://docs.pingidentity.com/pingintelligence/5.1/api_security_enforcer/pingintelligence_customizing_ase_ports.html
revdate: April 24, 2024
---

# Customizing ASE ports

ASE uses default ports as defined in the table below. If any port configured in `ase.conf` file is unavailable, ASE will not start.

| **Port Number** | **Usage**                                                                                                                               |
| --------------- | --------------------------------------------------------------------------------------------------------------------------------------- |
| 80              | Data port. HTTP and WebSocket (ws) connections. If you are installing ASE as a non-root user, then use port greater than 1024.          |
| 443             | Data port. HTTPS and Secure WebSocket (wss) connections. If you are installing ASE as a non-root user, then use port greater than 1024. |
| 8010            | Management port. Used by CLI and REST API for managing ASE.                                                                             |
| 8020            | Cluster port. Used by ASE internally to set up the cluster.                                                                             |
| 8080            | ABS port. Used by ASE for outbound connections to ABS for sending access logs and receive attack information.                           |

|   |                                                                                                                                                                  |
| - | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | The management ports 8010 and 8020 should not be exposed to the internet and are strictly for internal use. Make sure that these ports are behind your firewall. |

In an AWS environment, both management ports should be private in the Security Group for ASE.

**Security Group "ase":**

`port 80`: Accessible from any client (note: not secure)

`port 443`: Accessible from any client

`port 8010`: Accessible from management systems and administrators

`port 8020`: Accessible from peer ASE nodes NOTE: If you are setting up the deployment in an AWS environment with security groups, use private IPs for ABS connections to avoid security group issues.