PingAccess uses ports and protocols to communicate with external components. This information provides guidance for firewall administrators to ensure the correct ports are available across network segments.
Direction refers to the direction of requests relative to PingAccess. Inbound requests are requests received by PingAccess from external components. Outbound requests are requests sent by PingAccess to external components.
Service | Port details | Source | Description |
---|---|---|---|
PingAccess administrative console |
|
PingAccess administrator browser, PingAccess administrative API REST calls, PingAccess replica admin and clustered engine nodes |
Used for incoming requests to the PingAccess administrative
console. Configurable using the |
PingAccess cluster communications port |
|
PingAccess administrator browser, PingAccess administrative API REST calls, PingAccess replica admin and clustered engine nodes |
Used for incoming requests where the clustered engines request
their configuration data. Configurable using the
|
PingAccess engine |
|
Client browser, mobile devices, PingFederate engine |
Used for incoming requests to the PingAccess runtime engine.
Configurable using the |
PingAccess agent |
|
PingAccess agent |
Used for incoming Agent requests to the PingAccess runtime
engine. Configurable using the |
PingFederate traffic |
|
PingAccess engine |
Used to validate OAuth access tokens, ID tokens, make security
token service (STS) calls for identity mediation, and return
authorized information about a user. Configurable using the
|
PingAccess cluster traffic |
|
PingAccess engine |
Used for communications between engine nodes in a cluster.
Configurable using the |
PingAccess cluster traffic |
|
PingAccess engine |
Used by other nodes in the cluster as part of the cluster's
failure-detection mechanism. Configurable using the
|
PingAccess cluster traffic |
|
PingAccess engine |
Used by other nodes in the same cluster to share information.
Configurable using the |
In addition to port 3000, additional engine listener ports defined in the configuration must be open as well.