Appliance-Specific Communications and Ports
This table contains various requirements and recommendations specific to each RapidIdentity component.
Component | Requirement/Recommendation |
---|---|
Connect | Internal network only. 443: internal, Portal server if in DMZ, and admin users. All other inbound ports should be restricted to access to and from other RapidIdentity servers. Outbound ports depend on specific customer configuration and connected systems (e.g. AD, Oracle, CIFS Share, Amazon S3). |
Credential Provider | 8081 for RapidIdentity 2017.x.x if using an HTTP URL only. |
Database Appliance | 443 inbound for admin users needing access. Internal network only. |
Federation | 443 inbound for all users needing access. Internal network, and external depending on organizational policies. 88 for Kerberos. |
Folders | 443 inbound for admin users. Internal network only. Outbound to access CIFS/DFS data shares. If NetBIOS is required, TCP 445 and UDP 137-139 are all necessary. |
Identity Bridge | No inbound ports are required to be open for the Identity Bridge agent installed on-premises, and the only outbound port that needs to be allowed through the firewall(s) for the agent is TCP 443. |
Portal | 443 inbound for all users needing access. Internal network, and external depending on organizational policies. Outbound ports depend on specific customer configuration and connected systems (e.g. AD, Oracle, CIFS Share, Amazon S3). If NetBIOS is required, TCP 445 and UDP 137-139 are all necessary. |
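
The following is an added example, not RapidIdentity code: a Python check that audits inbound TCP allow rules against the table above, including the Connect exceptions for a DMZ Portal server and for other RapidIdentity servers. All addresses are constructed sample values, and treating Federation's port 88 as inbound is an assumption, since the table does not state a direction.

```python
import ipaddress

# Inbound policy transcribed from the table above:
# component -> (allowed inbound TCP ports, may external sources connect?)
INBOUND_POLICY = {
    "Connect": ({443}, False),
    "Database Appliance": ({443}, False),
    "Folders": ({443}, False),
    "Federation": ({443, 88}, True),    # 88 treated as inbound (assumption)
    "Portal": ({443}, True),            # external per organizational policy
    "Identity Bridge": (set(), False),  # agent needs no inbound ports
}

# Constructed sample addressing (assumptions, not values from the page).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
RI_SERVERS = [ipaddress.ip_network("10.20.0.0/28")]  # other RapidIdentity servers
DMZ_PORTAL = ipaddress.ip_network("192.0.2.10/32")   # Portal server placed in a DMZ


def _within(source, nets):
    """True if the source address or CIDR lies wholly inside one of nets."""
    src = ipaddress.ip_network(source)
    return any(src.subnet_of(n) for n in nets)


def audit_inbound(component, port, source):
    """Return findings for one inbound TCP allow rule (empty list = compliant)."""
    ports, external_ok = INBOUND_POLICY[component]
    findings = []
    # Connect may expose other ports, but only to other RapidIdentity servers.
    peer_ok = component == "Connect" and _within(source, RI_SERVERS)
    if port not in ports and not peer_ok:
        findings.append(f"{component}: inbound TCP {port} is not listed in the table")
    # Internal-only components; Connect also accepts 443 from a DMZ Portal.
    allowed = list(INTERNAL_NETS)
    if component == "Connect" and port == 443:
        allowed.append(DMZ_PORTAL)
    if not external_ok and not _within(source, allowed):
        findings.append(f"{component}: source {source} is outside the internal network")
    return findings


if __name__ == "__main__":
    # Constructed sample rules: (component, port, source)
    for rule in [("Connect", 443, "192.0.2.10"), ("Database Appliance", 443, "0.0.0.0/0"),
                 ("Identity Bridge", 443, "10.1.2.3"), ("Portal", 443, "0.0.0.0/0")]:
        print(rule, audit_inbound(*rule) or "ok")
```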