Change the AuthPoint Gateway Service Ports

The AuthPoint Gateway runs as four services: Gateway, RADIUS, LDAP, and ADFS. The Gateway uses these TCP service ports for internal communication between the different Gateway services.

If other applications use these TCP service ports, the Gateway might fail to start or appear offline. To change the port a Gateway service uses, you can update the local properties files. Each Gateway service has its own properties file.

| Service | Description | Default Port | Properties File | Port Parameter |
| --- | --- | --- | --- | --- |
| WatchGuard AuthPoint Gateway | Communicates with WatchGuard Cloud and configures the other three services. | TCP port 9000 | gateway.properties | agent.gateway.port |
| WatchGuard AuthPoint RADIUS | Communicates with RADIUS clients. | TCP port 9001 | radius.properties | authpoint.radius.port |
| WatchGuard AuthPoint LDAP | Communicates with the LDAP database to authenticate LDAP users. Primary Gateways also use this service to import LDAP users to AuthPoint. | TCP port 9002 | ldap.properties | authpoint.ldap.port |
| WatchGuard AuthPoint ADFS | Communicates with ADFS. | TCP port 9003 | adfs.properties | authpoint.adfs.port |

Verify Gateway Ports

To verify that no services are listening on the Gateway service ports, you can use Command Prompt to run the command Netstat -ano | findstr 900. This command finds anything that begins with 900.

Screenshot of command prompt with the findstr command to show what processes use the required Gateway ports.

If one of the necessary ports is in use, you can run the command Tasklist | findstr <process ID> to identify which process is using that particular port.

The number at the far right is the process ID of the process listening on the service ports. In the example screenshot, all of the Gateway ports are in use and we can see that TCP port 9000 is used by process ID 6184.

When you use the tasklist command, the AuthPoint Gateway is java.exe. You can expect to see that if you already have a Gateway installed.

Change Gateway Ports

To change which port a Gateway service uses:

  1. Determine the new ports that you will use for the AuthPoint Gateway services. You can run the command Netstat -ano |findstr 1234 to make sure your new Gateway service ports are not in use. In our example, we will use ports 9010-9013 for the Gateway services.
  2. To stop the Gateway services, on the computer or server where the Gateway is installed, open Command Prompt and run these commands:
    • net stop AuthPointGateway
    • net stop AuthPointLDAP
    • net stop AuthPointRADIUS
    • net stop AuthPointADFS
  3. On the computer or server where the Gateway is installed, navigate to C:\Program Files (x86)\WatchGuard\AuthPoint Gateway and open the gateway.properties file for the Gateway service in a text editor.
  4. Update the ports used for each Gateway service:
    • agent.gateway.port=9010
    • authpoint.radius.port=9011
    • authpoint.ldap.port=9012
    • authpoint.adfs.port=9013
  5. Save and close the gateway.properties file.
  6. Go to C:\Program Files (x86)\WatchGuard\AuthPoint RADIUS and open the radius.properties file in a text editor.
  7. Update the ports used for the Gateway and RADIUS services:
    • agent.gateway.port=9010
    • authpoint.radius.port=9011
  8. Save and close the radius.properties file.
  9. Go to C:\Program Files (x86)\WatchGuard\AuthPoint LDAP sync and open the ldap.properties file in a text editor.
  10. Update the ports used for the Gateway and LDAP services:
    • agent.gateway.port=9010
    • authpoint.ldap.port=9012
  11. Save and close the ldap.properties file.
  12. Go to C:\Program Files (x86)\WatchGuard\AuthPoint ADFS and open the adfs.properties file in a text editor.
  13. Update the ports used for the Gateway and ADFS services:
    • agent.gateway.port=9010
    • authpoint.adfs.port=9013
  14. Save and close the adfs.properties file.
  15. If you have already installed the AuthPoint ADFS agent, go to C:\Program Files (x86)\WatchGuard\AuthPoint ADFS\client and open the adfs-config.cfg file in a text editor. Replace all instances of the default port number 9003 with your new port.
  16. To start the Gateway services again, on the computer or server where the Gateway is installed, open Command Prompt and run these commands:
    • net start AuthPointGateway
    • net start AuthPointLDAP
    • net start AuthPointRADIUS
    • net start AuthPointADFS
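
The procedure above edits the same port values in four separate files, so a mistyped key or value in one file leaves the services unable to reach each other. The following checker is an added example, not WatchGuard code: it cross-checks the four properties files before you restart the services. The file names and port keys are the ones on this page; the function names, the simple key=value parsing, and the sample input are assumptions made for the example.

```python
# Added example (not WatchGuard code): cross-check the four properties files.
KEYS = ("agent.gateway.port", "authpoint.radius.port",
        "authpoint.ldap.port", "authpoint.adfs.port")
REQUIRED = {  # keys each file must set, taken from the steps on this page
    "gateway.properties": KEYS,
    "radius.properties": (KEYS[0], KEYS[1]),
    "ldap.properties": (KEYS[0], KEYS[2]),
    "adfs.properties": (KEYS[0], KEYS[3]),
}

def parse_properties(text):
    """Parse key=value lines; blank lines and # or ! comments are skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def check_ports(files):
    """files maps file name -> file text. Returns a list of problem strings."""
    problems, seen = [], {}  # seen: key -> (port, file that set it first)
    for name, required in REQUIRED.items():
        props = parse_properties(files.get(name, ""))
        problems += [f"{name}: missing {k}" for k in required if k not in props]
        for key in (k for k in KEYS if k in props):
            raw = props[key]
            if not raw.isdigit() or not 1 <= int(raw) <= 65535:
                problems.append(f"{name}: {key}={raw} is not a valid TCP port")
            elif seen.setdefault(key, (int(raw), name))[0] != int(raw):
                problems.append(f"{name}: {key}={raw} but {seen[key][1]} has {seen[key][0]}")
    for port in sorted({p for p, _ in seen.values()}):
        keys = sorted(k for k, (p, _) in seen.items() if p == port)
        if len(keys) > 1:
            problems.append(f"port {port} assigned to several services: {', '.join(keys)}")
    return problems

# Constructed sample: adfs.properties sets the LDAP key where the ADFS key belongs.
SAMPLE = {
    "gateway.properties": "agent.gateway.port=9010\nauthpoint.radius.port=9011\n"
                          "authpoint.ldap.port=9012\nauthpoint.adfs.port=9013\n",
    "radius.properties": "agent.gateway.port=9010\nauthpoint.radius.port=9011\n",
    "ldap.properties": "agent.gateway.port=9010\nauthpoint.ldap.port=9012\n",
    "adfs.properties": "agent.gateway.port=9010\nauthpoint.ldap.port=9013\n",
}
if __name__ == "__main__":
    print("\n".join(check_ports(SAMPLE)))
```

To use it on a real Gateway, read each properties file from its installation folder into the dictionary in place of SAMPLE. An empty result means the four files agree.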
