System and Firewall Requirements

Node Machine
  • In order to work with Console, node machines must have an Aspera transfer product installed (IBM Aspera Enterprise Server, IBM Aspera Connect Server, or IBM Aspera Point-to-Point Client).
Firewall (on the Node Machines)
  • To ensure that your server is secure, Aspera strongly recommends allowing inbound connections for SSH on TCP/33001 (or on another non-default, configurable TCP port), and disallowing inbound connections on TCP/22. If you have a legacy customer base using TCP/22, you can allow inbound connections on both ports. For details on securing your individual Aspera transfer server product, review the corresponding user manuals.
  • Allow inbound connections for FASP transfers, which use UDP/33001 by default, although the server may also choose to run FASP transfers on another port.
  • For current nodes and legacy nodes that have been converted to current nodes, allow an inbound connection on TCP 9092.
  • For legacy nodes (unconverted), allow an inbound connection for Aspera Central (for example, TCP/40001).
  • For legacy nodes (unconverted), allow an outbound connection for logging to Console on TCP/4406.
Note: No servers are listening on UDP ports.
When an Aspera client initiates a transfer, the client opens an SSH session to the SSH server on the designated TCP port and negotiates the UDP port over which the data transfer will occur.