CA API Gateway: Configure Gateway to Accept Traffic on Ports 80 and 443

Document ID : KB000042910
Last Modified Date : 28/09/2018
Show Technical Document Details
Introduction:
  • Ports 80 and 443 are standardized port numbers for HTTP and HTTPS.
  • The CA API Gateway does not accept traffic on these ports by default.
  • The Gateway uses ports 8080 for HTTP and 8443 & 9443 for HTTPS traffic out of the box.
  • Typically, a load balancer would be used in front of the Gateway to accept traffic on port 80 or 443 and would then forward to the Gateway over 8080 or 8443. When a load balancer is not possible in the workflow, then the Gateway can be configured to accept traffic itself.
Question:
  • Can I configure the CA API Gateway ("Gateway") to accept traffic on ports 80 or 443 or any other similar standard lower port numbers?
Answer:
  • The Gateway can be configured to accept traffic on lower port numbers. This includes 80 and 443.
  • The Gateway uses the built-in firewall to achieve this use-case.
    • At a high level, all that needs to be done to achieve this use-case is to add a firewall rule with an action of "redirect", set the lower number and the target number, and save the new rule. Detailed instructions to achieve this are further down in this knowledge article.
    • The Gateway appliance comes with a series of pre-configured rules. These rules are not present in the Manage Firewall Rules dialog as they cannot be modified by this feature.
    • The firewall rules for a cluster of Gateways can be configured via the Manage Firewall Rules dialog within the Manage Listen Ports task. This capability allows administrative users to configure the software firewall of the Gateway cluster without requiring a user or administrator to have superuser privileges.
  • The documentation to achieve this use-case is now included directly on the Manage Firewall Rules page in the Gateway documentation. Please view the product documentation for more information.
Additional Information: