HTTP/HTTPS requests to non-standard ports on the Web Security Service
Last Updated May 23, 2019
HTTP/HTTPS over non-standard ports is required by service used through the Web Security Service.
Depending on the access method, the cloud service might or might not accept an HTTP/HTTPS request to a non-standard port. An example would be a service that uses port 3126 to make requests or a request from browser as https://www.example.com:9090/
Non-standard ports use for HTTP/HTTPS traffic based on the access method list:
IP-Sec access method: Depends on the license. The standard license does not support non-standard ports. Customer can purchase an "All Port License" to let these communication through.
Explicit Proxy: Supported for HTTP requests. For HTTPS (or CONNECT), requests to ports 22, 23, 25, 53, 161, 445, 3389, 5500, 5900..5999, 9001 are denied.
Proxy Forwarding access method: It depends on the ability of the forwarding proxy to accept the request from the users and forward to the cloud along with other requests on port 8080.
Unified Agent: Supported.
1) In case the access method in use is Unified Agent, you can configure the forwarding ports in your portal account at Service > Mobility. In the Forward Ports area, click Edit and add the additional port.
2) In case the access method is Explicit Proxy, if customer would like to allow access to the blocked non-standard ports mentioned above, bypass the domain/IP Address from WSS by using Bypass list. (Service > Network > Bypassed Sites) . Then allow these domain/IPs through their local Firewall/Gateway.
Imported Document ID: 000008444
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe