Firewall port configuration

Which firewall ports should be open for the inway component and the outway component?

based on the documentation steps I think:


  • outbound 443
  • inbound 4080


  • outbound 443 & 4443
  • inbound 443

This depends on the arguments given to the inway and outway.

The outway does not require any ingress firewall rules, as long as it is reachable for the application that needs to use it on the internal network.
The outway does require access to the public internet. The destination tcp ports depend on configuration of inways in other organizations. In most cases it will be enough to open egress to tcp/443 and tcp/8443.

The inway requires egress to tcp/443.
The inway requires an ingress firewall rule for the tcp port it is listening on. This depends on configuration. By default the inway process listens on tcp/8443. When running the inway in a docker container, that port may be mapped to port tcp/443 or tcp/8443 on the host interface.