This section describes the prerequisites for running API Gateway on the Axway Appliance Platform.
For more information on the license keys required for API Gateway, see the API Gateway Installation Guide.
The default ports enabled on the firewall for specific services are as follows:
|
Service |
Protocol |
Port |
| Apache ActiveMQ | TCP | 61616 |
| Apache Cassandra storage | TCP | 7000 |
| API Gateway | TCP | 8080, 8090 |
| FTP | TCP | 21 |
| FTPS (implicit) | TCP | 989, 990 |
| HTTP | TCP | 80 |
| HTTPS | TCP | 443 |
| IBM WebSphere MQ | TCP | 1414 |
| LDAP | TCP | 389 |
| LDAPS | TCP | 636 |
| MySQL DB | TCP | 3306 |
| NTP | UDP | 123 |
| Oracle DB | TCP | 1521 |
| POP3 | TCP | 110 |
| POP3S | TCP | 995 |
| Radius | TCP | 1545 |
| SNMP | TCP | 25 |
| SNMP | UDP | 161 |
| SonicMQ | UDP | 2506 |
| SSH | TCP | 22 |
| Syslog | UDP | 514 |
| Web Administration Interface | TCP | 10000 |
Virtual Router Redundancy Protocol (VRRP) access to 224.0.0.18
is also enabled for keepalived configuration. For more details, see High availability clustering with keepalived.
The API Gateway (vshell) process on the appliance runs as the administrator user. However, to allow the API Gateway process to listen on privileged Internet ports (less than 1024), the vshell
executable has been granted the CAP_NET_BIND
capability. From a security point of view, this is safer than running the API Gateway process as the superuser (root).
For more information on running API Gateway as a non-root user on UNIX/Linux, see the API Gateway Administrator Guide.