Unofficial CA Single Sign-On Guide, Chapter 1: Ports!

One of the most common questions that comes up during CA Single Sign-On Professional Services engagements is: “What ports do I need to open for CA Single Sign-On?". This is generally followed by: “What does each port do?”. These are great questions and we wanted to consolidate the answers in one place. And so, without further ado, CoreBlox proudly presents our first chapter in our Unofficial CA Single Sign-On Guide: Ports!

When CA Single Sign-On is configured correctly, it just works and it works well! Sometimes getting through that initial configuration can be a bit like playing a game of Tetris, especially in an organization that relies on firewalls to control access to specific ports.

Below is a list of the default ports that are commonly associated with CA Single Sign-On implementations. By no means is this definitive, as configurations will vary between organization based upon requirements and standards. However, this is a good starting point when working with security and network teams during the installation and configuration of CA Single Sign-On.

Port # Use Open Between Comment
44441 Web Agent Accounting Port Web Agent / Policy Server Accounting Port
44442 Web Agent Authentication Port Web Agent / Policy Server * Required - Peforms Authentication Requests to Policy Server
44443 Web Agent Authorization Port Web Agent / Policy Server * Required - Peforms Authorization Requests to Policy Server
44444 Web Agent Administration Port Policy Server Not used by the WebAgent , Used by Policy Server for AdminUI
8080 AdminUI HTTP Browser / AdminUI Service Used for non-secure connection to the WAMUI console
8443 AdminUI HTTPS Browser / AdminUI Service Used for secure connection to the WAMUI console
8180 JBOSS Service Ports Browser / JBOSS Not used in normal operation
389 LDAP Policy Server / User-Policy Store Used for non-secure connection to an LDAP Sever
636 LDAP (Secure) Policy Server / User-Policy Store Used for secure-connection to an LDAP Server
1433 SQL Policy Server / User-Policy Store Used for communication with an SQL data source
44449 OneView Agent OneView Agent/ OneView Montor Used for communication between the OneView Agent and Montitor
44450 OneView Monitor Browser / OneView Monitor Port used by the OneView Montior
7680 Enhanced Assurance/Device DNA Access Gateway / Policy Server Used for Session Assurance Functionality
8080 Access Gateway ProxyUI Browser / ProxyUI Should not be installed on same server as AdminUI
543 Access Gateway ProxyUI Browser / AdminUI Service SSL for port for ProxyUI
8001 SMNP Agent SMNP Agent / SMNP Monitor Used if SMNP has been configured
161 SMNP Port SMNP Service Used if SMNP has been configured
80 HTTP Browser / WebAgent Standard Communication Port
443 HTTPS Browser / WebAgent Standard Communication Port