Network ports used by ActiveGate
See the ports you need to open for your ActiveGates, depending on their types and your deployment scenario.
| Origin | Port | Destination | Deployment |
|---|---|---|---|
| OneAgent | 9999 | Cluster ActiveGate | Managed only |
| OneAgent | 9999 | Environment ActiveGate | Managed and SaaS |
| Cluster ActiveGate | 4431 | Managed Cluster Node | Managed only |
| Environment ActiveGate | 9999 | Cluster ActiveGate | Managed only |
| Environment ActiveGate | 4431 | Managed Cluster Node | Managed only |
| Environment ActiveGate | 443 | Cloud/virtualization environments | Managed and SaaS |
| Environment ActiveGate | 443 | SaaS Dynatrace Server | SaaS only |
| Origin | Port | Intermediate | Port | Destination | Deployment |
|---|---|---|---|---|---|
| Environment ActiveGate | 9999 | Cluster ActiveGate | 4431 | Managed Cluster Node | Managed only |
The port 9999 that is used for communication with OneAgents and other ActiveGates can be manually re-configured in the ActiveGate custom.properties file.
If you run Browser monitors or HTTP monitors from private Synthetic locations, you need to make sure the Synthetic-enabled ActiveGate has access to the tested resource. If you use ActiveGate extensions, you need to make sure the ActiveGate executing the extensions has access to the monitored technology.
For Dynatrace Managed, ActiveGate must have network access to other services as well on specific ports, based on your deployment scenario.
1 Dynatrace environments with a cluster version earlier than 1.166 use port 8443. New Dynatrace environments still use port 8443, but this port doesn't need to be exposed to the outside of the cluster nodes. Upgraded Dynatrace environments preserve port settings from the previous version. As a result, it is possible to have an upgraded Dynatrace environment that still uses port 8443.