1.4 Configuring Identity Server to Listen on Port 443

By default, Identity Server listens on port 8443, so port 8443 must be open in the firewall for communication between a browser and Identity Server. To avoid opening port 8443 in the firewall, you can configure Identity Server to listen on the standard port 443.

1.4.1 Configuring Identity Server on Windows to Listen on Port 443

  1. In Administration Console, click Devices > Identity Server > Edit, and configure the base URL with HTTPS as the protocol, and the TCP port as 443.

  2. Click OK, then update Identity Server.

  3. In a terminal window, open the server.xml file.

    Windows Server 2012 R2: \Program Files (x86)\Novell\Tomcat\conf

  4. Change the ports from 8080 and 8443 to 80 and 443 respectively.

  5. Restart the Tomcat service.
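
The edit from step 4, sketched in PowerShell as an added example that is not part of the original documentation: it rewrites the Connector ports in a constructed sample server.xml and also covers any redirectPort attribute that still points at 8443. The sample XML, the function name Update-ConnectorPorts and the C: drive letter are assumptions.

```powershell
# Constructed sample; a real server.xml has more elements and attributes.
$sample = @'
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true" />
  </Service>
</Server>
'@

$portMap = @{ '8080' = '80'; '8443' = '443' }   # mapping from step 4

function Update-ConnectorPorts {
    param([System.Xml.XmlDocument]$Doc, [hashtable]$Map)
    $changes = @()
    foreach ($c in $Doc.SelectNodes('//Connector')) {
        # redirectPort is checked too: if it is left at 8443, HTTP requests
        # would be redirected to a port that is no longer served.
        foreach ($attr in 'port', 'redirectPort') {
            $old = $c.GetAttribute($attr)          # "" when the attribute is absent
            if ($Map.ContainsKey($old)) {
                $c.SetAttribute($attr, $Map[$old])
                $changes += "$attr $old -> $($Map[$old])"
            }
        }
    }
    return $changes
}

$doc = New-Object System.Xml.XmlDocument
$doc.PreserveWhitespace = $true      # keep the file's layout when saving
$doc.LoadXml($sample)
Update-ConnectorPorts -Doc $doc -Map $portMap   # lists each attribute changed

# Against the real file (drive letter is an assumption; keep a backup):
#   $path = 'C:\Program Files (x86)\Novell\Tomcat\conf\server.xml'
#   Copy-Item $path "$path.bak"
#   $doc.Load($path)
#   Update-ConnectorPorts -Doc $doc -Map $portMap
#   $doc.Save($path)
# After restarting Tomcat (step 5), confirm which ports are listening:
#   Get-NetTCPConnection -State Listen -LocalPort 80,443,8080,8443 -ErrorAction SilentlyContinue
```

If the final check still shows a listener on 8080 or 8443, a Connector was missed or the service was not restarted.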

1.4.2 Configuring Identity Server on Linux to Listen on Port 443

On Linux, the Identity Server service (hosted on Tomcat) runs as a non-privileged user and cannot bind to ports below 1024. To accept requests on ports 80/443 while Tomcat listens on 8080/8443, the preferred approach is to use iptables to perform port translation. Port translation allows the base URL of Identity Server to be configured for port 443 and requests to be accepted on this port; iptables translates the traffic to port 8443 when communicating with Tomcat.

The following are two of many possible solutions: