Gateway Network Setup

IT-Conductor Gateway is a reverse proxy and requires specific port configurations and network access.

Important

IT-Conductor Gateway does not require the incoming connections to be enabled aside for the following exceptions:

  • SSH (Port 22) access to the host from the tenant's internal network for gateway configuration and troubleshooting.

  • Remote Gateway Configuration (port 8080). Not recommended, instead, use SSH and the command line interface. (Optional)

  • API Server (Port 8889) for local IT-Conductor Alert API (Optional)

  • IT-Conductor RSyslog Server (Port 514 UDP or TCP) (Optional)

IT-Conductor Cloud

The gateway is using HTTPS port 443 to communicate with IT-Conductor cloud services hosted on the public network as DNS name: agents.itconductor.com

Ensure that firewall rules and routing are properly configured. You can test access from the gateway SSH session by executing the following command:

curl -I https://agents.itconductor.com/status

If all is working properly the following output should be produced:

HTTP/2 200
date: <Day of the Week>, <Day> <Month> <Year> <Time>
content-security-policy: default-src 'self' http://docs.itconductor.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://docs.itconductor.com ; style-src 'self' http://docs.itconductor.com  data: 'unsafe-inline' *.google.com *.googleapis.com; connect-src 'self' blob: https://*.google.com; form-action 'self' http://docs.itconductor.com ; frame-ancestors 'self' http://docs.itconductor.com ; img-src 'self' *.itconductor.com *.gstatic.com http://translate.google.com  blob: data: 'self' 'unsafe-inline'; font-src 'self' fonts.gstatic.com fonts.googleapis.com blob: https://*.google.com data: 'unsafe-inline'; report-uri /cspReportViolation;
x-xss-protection: 1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-type: text/html
cache-control: no-store
content-length: 0

On-Premise Applications

In addition to connecting to IT-Conductor cloud services on the public network, the gateway needs to be able to access systems and applications on the private network. The routing to application-specific hosts may require configuration in the gateway host routing settings.

Depending on the application type, the firewall must have the appropriate hosts, protocols, and ports enabled for incoming connection to the respective application from the IT-Conductor gateway.

SAP NetWeaver (ABAP)

SAP J2EE

SAP HANA

Host Agent

Other Systems and Applications

For other systems and applications, see port configurations below:

PreviousGateway SetupNextIT-Conductor Gateway Setup on Windows

Last updated