What Ports Does Aspera Use?
If you’re evaluating IBM’s Aspera for high-speed file transferring within your organization, you may be wondering what ports the solution uses. Don’t worry. As Premier IBM Aspera Partners, we’re here to answer all your questions about configuring the product within your organization.
Aspera Leverages SSH as Part of the FASP Protocol
Aspera has a list of best practices for using its solution seamlessly throughout your organization. And at the top of that list is the recommendation that you run the transfer server on a non standard SSH port, which defaults to 33001. This is especially important if your server lives in a DMZ, where it is vulnerable to port scan attacks.
Configuring Your Firewall
To best run Aspera on your Enterprise Server or Point-to-Point, follow these instructions to configure your firewall:
- Allow inbound connections via TCP on either 33001 or whichever non-default port you choose. If you have legacy users or a legacy customer base using TCP/22, it’s okay to allow inbound connections on both ports.
- Allow inbound connections for FASP® transfers on UDP/33001, which is used by default. However, you should note that you may choose to run FASP transfers using another, non-default port instead.
- Do you have a local firewall on your server? If so, in order for Aspera to work you’ll need to make sure that your local firewall isn’t blocking your SSH and FASP transfer ports. If you’re running on a RedHat flavor of linux, you can open these ports using the below commands
firewall-cmd –zone=public –add-port=33001/tcp –permanent
firewall-cmd –zone=public –add-port=33001/udp –permanent
Configuring Your Client Machines
Most consumer and business firewalls allow client machines to create direct outbound connections on TCP and UDP. Therefore, there’s no client-side configuration needed in order for Aspera to work.
However, there are always exceptions that restrict direct outbound connections, such as proxy servers for Web browsing. If your organization meets this exception, you’ll need to perform the following client-side configurations:
- Allow all outbound connections from the Aspera client on either TCP/33001 (which is used by default), or the non-default port your organization is using.
- Allow all outbound connections from the Aspera client on the FASP UDP port, which is also 33001 by default.
Ask Us Your Aspera Configuration Questions
We know that organizations that consider Aspera for their high-speed file transfer needs spend a great deal of time researching how they’ll configure the solution if they choose to deploy it. You don’t need to go on a data dive yourself. As your trusted solution providers, we’re here to help you every step of the way as you evaluate IBM’s Aspera for your business so you can make the most informed decision possible.
To reach us, call us at (512) 766-8715 or email us at email@example.com.