Defining alternative ports in PAM Configurations
Rotation relies on the port field in resource records to determine its connection method.
For example, in a PAM Machine record, port 22 tells the gateway to use SSH, port 5985 for WinRM (http) and port 5986 for WinRM (https).
The expected standard ports are listed in the following table.
PAM Machine
SSH
22=ssh
PAM Machine
WinRM
5986=winrm
PAM Directory
Active Directory
636=ldaps
PAM Directory
OpenLDAP
636=ldaps
PAM Database
Postgresql
5432=postgresql
PAM Database
MySQL
3306=mysql
PAM Database
MariaDB
3306=mariadb
PAM Database
Microsoft SQL
1433=mssql
PAM Database
Oracle
1521=oracle
PAM Database
MongoDB
27017=mongodb
To use a non-standard port, specify the alternative port in two places:
In the PAM Configuration port mapping field, enter {port}=
{connection}
, for example, 32636=ldaps.
For {connection}
: refer to the labels under Standard Port in the standard ports table.
In the PAM Machine/Directory/Database record, enter the chosen port in the port field
For example, to connect to a MySQL database using port 3307, your PAM Configuration should have 3307=mysql
under port mapping, and your PAM Database record should reference port 3307.
Multiple port mappings are newline-separated in the PAM Configuration.