IMPORTANT:Ports 443 and 80 are used inside the Advanced Authentication Server appliance and cannot be changed.
Port forwarding is supported but is not recommended. In this case the entire appliance will be available via the Internet. It is recommended to use reverse proxy to map only specific URLs.
Advanced Authentication Server Appliance uses the following RFC standard ports by default:
|
Service |
Port |
Protocol |
Usage |
|---|---|---|---|
|
REST |
443 |
HTTPS |
All Communications |
|
Administrative portal, Self-Service portal, Helpdesk portal, Reporting portal |
443 |
HTTPS |
All Communications (<AAServer>/admin, <AAServer>/account, <AAServer>/helpdesk, <AAServer>/report) |
|
Server Update |
443 |
HTTPS |
Update channel: appliance - update server (repo.authasas.com) |
|
Database replication |
5432: This port is required only for the installation of a new DB Server. Then the port must be closed. |
TCP, UDP |
Database replication between DB servers |
|
Database replication |
8080 |
TCP, UDP |
Database replication between DB servers |
Advanced Authentication Server Appliance uses the following ports required for the different methods:
|
Service |
Port |
Protocol |
Usage |
|---|---|---|---|
|
RADIUS |
1812 |
TCP, UDP |
Authentication |
|
RADIUS |
1813 |
TCP, UDP |
Accounting |
|
E-Mail Service |
Variable |
SMTP |
E-Mail Traffic |
|
NotarisID |
Variable |
HTTPS |
NotarisID Traffic to notarisid.nid-int.avisi.nl |
|
Voice Call Service |
Variable |
HTTPS |
Communication to Twilio service |
|
Smartphone |
Variable |
HTTPS |
All Communications (<AAServer>/smartphone) |
|
SMS |
Variable |
HTTPS |
Communication to a used SMS service |
|
Swisscom Mobile ID |
Variable |
HTTPS |
Communication to the specified Swisscom Mobile ID service URL |
IMPORTANT:Any port can be used in case of reverse proxying. E.g., https://dnsname:888/smartphone. There is reverse proxy redirect from port 888 to port 443 internally to appliance. Port 888 is used from outside, but port 443 is used inside the appliance.