Home / Kong Gateway
Edit
Report

Kong Gateway ports reference

Uses: Kong Gateway
Related Documentation
All Gateway Documentation
Incompatible with
konnect
Tags
#network
Related Resources
Secure Kong Gateway
Secure the Admin API
Proxying with Kong Gateway
DNS configuration reference
Kong Gateway Control Plane and Data Plane communication

Kong Gateway needs port access for two main types of connections: traffic passing through the proxy and managing the Kong Gateway via the Admin API.

Proxy ports

The proxy ports are the only ports that should be made available to your clients. Upstream services are accessible via the proxy interface and ports, so make sure that these values only grant the access level you require.

Your proxy will need rules added for any HTTP/HTTPS and TCP/TLS stream listeners that you configure. For example, if you want Kong Gateway to manage traffic on port 4242, your firewall must configure the Route to allow traffic on that port.

The following are the default proxy ports:

Port

Protocol

kong.conf setting

Description
8000 HTTP proxy_listen Takes incoming HTTP traffic from Consumers, and forwards it to upstream services.
8443 HTTPS proxy_listen Takes incoming HTTPS traffic from Consumers, and forwards it to upstream services.

You can also proxy TCP/TLS streams, which is disabled by default. If you want to proxy this traffic, see stream_listen in the Kong configuration reference for more information about stream proxy listen options and how to enable it.

Admin API ports

The Admin API is used to manage Kong Gateway. You should prevent unauthorized access to these ports in production.

The following are the default ports used by the Admin API:

Port

Protocol

kong.conf setting

Description
8001 HTTP admin_listen Listens for Admin API calls from the command line over HTTP.
8444 HTTPS admin_listen Listens for Admin API calls from the command line over HTTPS.

Other default ports

In addition to the proxy and Admin API ports, Kong Gateway listens on the following other ports by default:

Port

Protocol

kong.conf setting

Description
8002 HTTP admin_gui_listen Kong Manager (GUI). Listens for HTTP traffic.
8445 HTTPS admin_gui_listen Kong Manager (GUI). Listens for HTTPS traffic.
8005 TCP cluster_listen Hybrid mode only. Control plane listens for traffic from data plane nodes.
8006 TCP cluster_telemetry_listen Hybrid mode only. Control plane listens for Vitals telemetry data from data plane nodes.
8007 HTTP status_listen v3.6+ Status listener. Listens for calls from monitoring clients over HTTP.
Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support