# RAS Secure Gateway

| Source                                | Destination                       | Protocols                      | Ports                     | Description                                                                                                                                                                                                                                           |
| ------------------------------------- | --------------------------------- | ------------------------------ | ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| RAS Secure Gateway in Forwarding mode | RAS Secure Gateway in Normal mode | <p>TCP, UDP</p><p>TCP, UDP</p> | <p>80, 443</p><p>3389</p> | <p>Management and user session connections.</p><p>Optional - Used for user session if RDP Load Balancing is enabled.</p>                                                                                                                              |
|                                       | RAS Performance Monitor           | TCP                            | 8086                      | Agent (Telegraf service) sends collected performance data to InfluxDB.                                                                                                                                                                                |
| RAS Secure Gateway in Normal mode     | Remote Desktop Services           | TCP, UDP                       | 3389                      | RDP Connections.                                                                                                                                                                                                                                      |
|                                       | RAS Connection Broker             | <p>TCP</p><p>TCP, UDP</p>      | <p>20002</p><p>20009</p>  | <p>RAS Connection Broker service port - communications with RAS Secure Gateways and the RAS Console (in Normal mode only).</p><p>Device Manager shadowing via Firewall (indirect network connection) if RAS Console runs on RAS Connection Broker</p> |
|                                       | RAS Performance Monitor           | TCP                            | 8086                      | Agent (Telegraf service) sends collected performance data to InfluxDB.                                                                                                                                                                                |
|                                       | Localhost                         | TCP                            | 20020                     | Communication with User Portal web server (NodeJS).                                                                                                                                                                                                   |