When a client sends a request to a resource, say an HTTP request, the IP stack automatically allocates a short-lived transport-layer port from a predefined range; this is called the ephemeral port, and the response is sent back to it. Ephemeral port ranges differ depending on the OS; a few samples are shown in the following table. You need to allow ephemeral ports in a NACL for communication to work:
| Operating System | Ephemeral port |
| --- | --- |
| Amazon Linux | 32768-61000 |
| Windows Server 2003/Windows XP | 1025-5000 |
| Windows Server 2008 | 49152-65535 |
| AWS ELB/AWS NAT | 1024-65535 |
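Because NACL rules are stateless and evaluated in ascending rule-number order with the first match winning, a low-numbered DENY can silently shadow a broad ALLOW for part of an ephemeral range. The following added example (not from the original text or from AWS) models that evaluation over a constructed rule set and reports which parts of an OS's ephemeral range the ACL fails to allow; the rule dictionaries and `SAMPLE_RULES` are assumptions for illustration.

```python
"""Constructed check for ephemeral-port coverage in an AWS network ACL.

Rules are a simplified model (TCP only): a dict with rule_number, egress
(True for outbound), action ("allow"/"deny") and an inclusive port_range.
This is illustrative code, not the AWS SDK.
"""

# Ephemeral ranges from the table above (inclusive).
EPHEMERAL_RANGES = {
    "amazon-linux": (32768, 61000),
    "windows-2003-xp": (1025, 5000),
    "windows-2008": (49152, 65535),
    "aws-elb-nat": (1024, 65535),
}


def first_match(rules, port, egress):
    """Action of the lowest-numbered rule in this direction that covers port.

    Falls back to the NACL's implicit final rule, which denies."""
    for rule in sorted(rules, key=lambda r: r["rule_number"]):
        lo, hi = rule["port_range"]
        if rule["egress"] == egress and lo <= port <= hi:
            return rule["action"]
    return "deny"


def uncovered_ranges(rules, os_name, egress=True):
    """Sub-ranges of the OS's ephemeral range the NACL does not allow,
    returned as a list of inclusive (start, end) tuples."""
    lo, hi = EPHEMERAL_RANGES[os_name]
    gaps, start = [], None
    for port in range(lo, hi + 1):
        blocked = first_match(rules, port, egress) != "allow"
        if blocked and start is None:
            start = port
        elif not blocked and start is not None:
            gaps.append((start, port - 1))
            start = None
    if start is not None:
        gaps.append((start, hi))
    return gaps


# Constructed NACL: a narrow DENY (rule 100) shadows the broad ALLOW (rule 200).
SAMPLE_RULES = [
    {"rule_number": 100, "egress": True, "action": "deny", "port_range": (32768, 32800)},
    {"rule_number": 200, "egress": True, "action": "allow", "port_range": (1024, 65535)},
]

if __name__ == "__main__":
    for name in EPHEMERAL_RANGES:
        print(name, uncovered_ranges(SAMPLE_RULES, name))
```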