Dear colleagues,

don’t thank me!

BACK-END = Authentication Manager Primary/replica instances

JH = JumpHost / Endpoint device

• Operation on the back-end
  • JH -> 22/tcp (default SSH Access to the appliance)
  • JH -> 80/tcp (Quick Setup)
  • JH -> 443/tcp (Quick Setup)
  • JH -> 8443/tcp (Update Status)
  • JH -> 7004/tcp (Default Security Console)
  • JH -> 7072/tcp (Default Operator Console)
• Replication between instances
  • Primary Instance  <-> Replica Instance 7002/tcp
  • Primary Instance  <-> Replica Instance 1812/tcp (RADIUS)
  • Primary Instance  <-> Replica Instance 1713/tcp (RADIUS)
• Application authentication profiles
  • generic RSA Agent
    • Agent_x -> Selected_instances 5500/tcp/udp (RSA Agent Authentication)
    • Agent_x -> Selected_instances 5500/tcp (RSA Agent Autoregistration, if enabled)
    • Agent_x -> Selected_instances 5580/tcp (RSA Agent Offline Authentication, if enabled)
  • generic RADIUS client
    • Radius_client -> Selected_instances 1645/udp, 1646/udp (Legacy Radius Authentication, Accounting)
    • Radius_client -> Selected_instances 1812/udp, 1813/udp (Radius Authentication, Accounting)