How Can I Configure Ports for a Bastion Host?

To properly use a bastion host, configure the instance and resource security group ports by referring to Table 1.

**Table 1** Inbound and outbound rule configuration reference
Scenario Description	Direction	Protocol/Application	Port
Accessing a bastion host through a web browser (HTTP and HTTPS)	Inbound	TCP	80, 443, and 8080
Accessing a bastion host through Microsoft Terminal Services Client (MSTSC)	Inbound	TCP	53389
Accessing a bastion host through an SSH client	Inbound	TCP	2222
Accessing a bastion host through FTP clients	Inbound	TCP	20~21
Remotely accessing Linux ECSs of a bastion host over SSH clients	Outbound	TCP	22
Remotely accessing Windows ECSs of a bastion host over the RDP Protocol	Outbound	TCP	3389
Accessing Oracle databases through a bastion host	Inbound	TCP	1521
Accessing Oracle databases through a bastion host	Outbound	TCP	1521
Accessing MySQL databases through a bastion host	Inbound	TCP	33306
Accessing MySQL databases through a bastion host	Outbound	TCP	3306
Accessing SQL Server databases through a bastion host	Inbound	TCP	1433
Accessing SQL Server databases through a bastion host	Outbound	TCP	1433
Accessing DB databases through a bastion host	Inbound	TCP	50000
Accessing DB databases through a bastion host	Outbound	TCP	50000
Accessing GaussDB databases through a bastion host	Inbound	TCP	18000
Accessing GaussDB databases through a bastion host	Outbound	TCP	18000
License servers	Outbound	TCP	9443
Cloud services	Outbound	TCP	443
Accessing a bastion host system through the SSH client in the same security group	Outbound	TCP	2222
SMS service	Outbound	TCP	10743 and 443
Domain name resolution service	Outbound	UDP	53
Accessing PGSQL databases through a bastion host	Inbound	TCP	15432
Accessing PGSQL databases through a bastion host	Outbound	TCP	5432