Port requirements for Tape Gateway - AWS Storage Gateway

Port requirements for Tape Gateway

Storage Gateway requires the following ports for its operation. Some ports are common to and required by all gateway types. Other ports are required by specific gateway types. In this section, you can find an illustration and a list of the required ports for Tape Gateway.

Tape Gateway

The following illustration shows all of the ports you need to open for Tape Gateway gateway operation.

network resources connected to Storage Gateway using various ports.

The following ports are common to and required by all gateway types.

From

To

Protocol

Port

How Used

Storage Gateway VM

AWS

Transmission Control Protocol (TCP)

443 (HTTPS)

For communication from an Storage Gateway outbound VM to an AWS service endpoint. For information about service endpoints, see Allowing AWS Storage Gateway access through firewalls and routers.

Your web browser

Storage Gateway VM

TCP

80 (HTTP)

By local systems to obtain the Storage Gateway activation key. Port 80 is used only during activation of a Storage Gateway appliance.

A Storage Gateway VM doesn't require port 80 to be publicly accessible. The required level of access to port 80 depends on your network configuration. If you activate your gateway from the Storage Gateway Management Console, the host from which you connect to the console must have access to your gateway’s port 80.

Storage Gateway VM

Domain Name Service (DNS) server

User Datagram Protocol (UDP)/UDP

53 (DNS)

For communication between a Storage Gateway VM and the DNS server.

Storage Gateway VM

AWS

TCP

22 (Support channel)

Allows AWS Support to access your gateway to help you with troubleshooting gateway issues. You don't need this port open for the normal operation of your gateway, but it is required for troubleshooting.

Storage Gateway VM

Network Time Protocol (NTP) server

UDP

123 (NTP)

Used by local systems to synchronize VM time to the host time. A Storage Gateway VM is configured to use the following NTP servers:

  • 0.amazon.pool.ntp.org

  • 1.amazon.pool.ntp.org

  • 2.amazon.pool.ntp.org

  • 3.amazon.pool.ntp.org

Storage Gateway Hardware Appliance

Hypertext Transfer Protocol (HTTP) proxy

TCP

8080 (HTTP)

Required briefly for activation.

In addition to the common ports, Tape Gateway also requires the following ports.

From

To

Protocol

Port

How Used

iSCSI initiators

Storage Gateway VM

TCP

3260 (iSCSI)

By local systems to connect to iSCSI targets exposed by a gateway.