Firewall port

Hi there,

I have a question. It is about the firewall.

I have to open a firewall port to test Elasticsearch on my server.

To open a port I need some roles: starting IP/port and destination IP/port.

So I think both the starting IP and the destination IP are the same as my server IP,

and the starting port number is 80 and the destination port is 9200. Is that right?

I am really wondering about it. Please help me.

I am not sure what you mean by starting IP/port.

The ports that you need to open in your firewall on the ES server node depend upon your cluster topology. If you are creating a cluster, you'll have to open up both the HTTP port and the transport port in your firewall (by default 9200 for HTTP and 9300 for transport). For a single-node cluster, you don't need to open up the transport port.

Thank you so much. But I am curious about these (A, B), please tell me.
(I have a single node, so I don't need port 9300.)

my server: can make a connection using any of the source ports to the server listening on port 9200. The inbound port 9200 should be enabled on the Elasticsearch server.

Oh, thanks. So based on my server (with Elasticsearch installed), I can choose the outbound ports (for example 80).
And the inbound port is 9200, right? So should I configure the source IP as any? I really hope for your answer. Thanks.

You should enable all the outbound ports, because clients can try connecting to the ES server from any port. You should fix the outbound port only if you are sure that client processes will be initiated from port 80.

An inbound firewall rule for port 9200 can be set on the ES server.

OK, I will try it this way. Are the starting IP and destination IP my server IP? Or should I set the starting IP to anywhere? I really appreciate you.

For better security, you should restrict access to as few interfaces as possible. So ideally it should be restricted to the interface from where it will be queried. Along with the default 9200 port, you may need to expose some other ports for SSH access to the server.

There are some best practices listed for firewall rules here; please refer to them.

Okay, if I have more questions, can I ask you again? Thanks.

Hi there,

I really couldn't understand firewalls and ports. Is this painting right?
If it is right, what should I configure for the 'A' IP?

If you open a request from machine A to machine B (which runs your elastic node), you should only be interested in the port on machine B, which is 9200 by default. So you can open Port 9200 inbound on machine B. Otherwise machine A won't be able to connect.

The reply from the elastic node will always be sent back to machine A on the source port that machine A used to initiate the connection. Your elastic node will never initiate that connection, but only reply on the connection that machine A opened.

Hi Benny,

Do you mean my server = elastic server? And how do I connect my server and the elastic server? My server outbound = elastic server inbound = port 9200? I am very confused. Thanks.

I assume your firewall sits in front of your elastic server. It then needs to allow 9200 inbound to the elastic server. That should be all you need.

So, what does elastic server mean?
Is it my server with the ES tool installed?
Or something different?

Yes, by elastic server I meant the one that you have installed Elasticsearch on.

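The behaviour described in the replies above (allow inbound 9200 on the Elasticsearch machine, with replies returning to whatever source port the client used) can be seen in a small Python model of a default-deny stateful firewall. This is an added example, not part of the original thread; the IP addresses, port numbers other than 9200 and 9300, the source-IP restriction and the `Firewall`/`Rule`/`Packet` names are assumptions made for illustration.

```python
from collections import namedtuple

ES_HOST, CLIENT = "10.0.0.20", "10.0.0.10"  # constructed: machine B (ES node), machine A
Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")
Rule = namedtuple("Rule", "src_ip src_port dst_port")  # inbound allow; None means "any"

def matches(rule, p):
    return (rule.src_ip in (None, p.src_ip)
            and rule.src_port in (None, p.src_port)
            and rule.dst_port == p.dst_port)

class Firewall:
    """Default-deny stateful filter in front of machine B (hypothetical model)."""
    def __init__(self, inbound_rules):
        self.inbound_rules = inbound_rules
        self.tracked = set()  # (client_ip, client_port, server_port)

    def inbound(self, p):
        # A packet arriving at B passes only if an inbound rule matches it.
        if p.dst_ip == ES_HOST and any(matches(r, p) for r in self.inbound_rules):
            self.tracked.add((p.src_ip, p.src_port, p.dst_port))
            return True
        return False

    def outbound(self, p):
        # A packet leaving B passes only as a reply on a tracked connection.
        return (p.dst_ip, p.dst_port, p.src_port) in self.tracked

def demo():
    fw = Firewall([Rule(src_ip=CLIENT, src_port=None, dst_port=9200)])
    request = Packet(CLIENT, 51514, ES_HOST, 9200)  # OS-chosen ephemeral source port
    return {
        "request to 9200": fw.inbound(request),
        "reply to source port": fw.outbound(Packet(ES_HOST, 9200, CLIENT, 51514)),
        "transport port 9300": fw.inbound(Packet(CLIENT, 51515, ES_HOST, 9300)),
        "unlisted source IP": fw.inbound(Packet("10.0.0.99", 40000, ES_HOST, 9200)),
        "unsolicited outbound": fw.outbound(Packet(ES_HOST, 9200, CLIENT, 60000)),
        "source port pinned to 80": Firewall([Rule(CLIENT, 80, 9200)]).inbound(request),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:26} {'ALLOW' if allowed else 'DROP'}")
```

The last case shows why the source port is left as "any": a rule pinned to source port 80 drops a real client request, because the client's operating system picks the source port.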