diff --git a/docs/ha-mode.md b/docs/ha-mode.md
index 5e53979395e141a8d2d793624c9ce5d3c9174656..20578f705609fb0f46b66f6693a3d7c21aa13faf 100644
--- a/docs/ha-mode.md
+++ b/docs/ha-mode.md
@@ -61,8 +61,8 @@ listen kubernetes-apiserver-https
   mode tcp
   timeout client 3h
   timeout server 3h
-  server master1 <IP1>:443
-  server master2 <IP2>:443
+  server master1 <IP1>:6443
+  server master2 <IP2>:6443
   balance roundrobin
 ```
 
diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 56a777e0550ed647cb0870621c143132e61cd82e..ca46d28171c04b3f4a4fe73522d7dab4b30c27a4 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -21,7 +21,7 @@
 #loadbalancer_apiserver_localhost: true
 
 ## Local loadbalancer should use this port instead, if defined.
-## Defaults to kube_apiserver_port (443)
+## Defaults to kube_apiserver_port (6443)
 #nginx_kube_apiserver_port: 8443
 
 ### OTHER OPTIONAL VARIABLES
diff --git a/inventory/group_vars/k8s-cluster.yml b/inventory/group_vars/k8s-cluster.yml
index df34f2c45fae9970fc40b23d1a76581722f75feb..50bbee2304aaa9e884d3b8cd5b5a6964d904e9c3 100644
--- a/inventory/group_vars/k8s-cluster.yml
+++ b/inventory/group_vars/k8s-cluster.yml
@@ -76,7 +76,7 @@ kube_network_node_prefix: 24
 
 # The port the API Server will be listening on.
 kube_apiserver_ip: "{{ kube_service_addresses|ipaddr('net')|ipaddr(1)|ipaddr('address') }}"
-kube_apiserver_port: 443 # (https)
+kube_apiserver_port: 6443 # (https)
 kube_apiserver_insecure_port: 8080 # (http)
 
 # DNS configuration.
diff --git a/roles/kargo-defaults/defaults/main.yaml b/roles/kargo-defaults/defaults/main.yaml
index 9760058c4676d4c3f964783aeb99b24aa471d8d7..a2ec34cb7ec5c6319716dbdee1769c8e2df70857 100644
--- a/roles/kargo-defaults/defaults/main.yaml
+++ b/roles/kargo-defaults/defaults/main.yaml
@@ -91,7 +91,7 @@ kube_network_node_prefix: 24
 
 # The port the API Server will be listening on.
 kube_apiserver_ip: "{{ kube_service_addresses|ipaddr('net')|ipaddr(1)|ipaddr('address') }}"
-kube_apiserver_port: 443 # (https)
+kube_apiserver_port: 6443 # (https)
 kube_apiserver_insecure_port: 8080 # (http)
 
 # Path used to store Docker data
diff --git a/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2 b/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2
index 06bb78b7c19d063010fcfde9cfad0852151a174c..b31ae0f43a618aa49451787dbf97c383bcc52409 100644
--- a/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2
@@ -45,7 +45,7 @@ spec:
             # changed so long as it is used in conjunction with
             # CONFIGURE_ETC_HOSTS="true".
             - name: K8S_API
-              value: "https://kubernetes.default:443"
+              value: "https://kubernetes.default:{{ kube_apiserver_port }}"
             # Configure /etc/hosts within the container to resolve
             # the kubernetes.default Service to the correct clusterIP
             # using the environment provided by the kubelet.
diff --git a/tests/testcases/010_check-apiserver.yml b/tests/testcases/010_check-apiserver.yml
index 7107da52f3fe3440dfa181cea78537c1d09c385d..8ca19e196d61245b49806221f5cc10b6bf2b729f 100644
--- a/tests/testcases/010_check-apiserver.yml
+++ b/tests/testcases/010_check-apiserver.yml
@@ -4,7 +4,7 @@
   tasks:
   - name: Check the API servers are responding
     uri:
-      url: "https://{{ansible_ssh_host}}/api/v1"
+      url: "https://{{ access_ip | default(ansible_default_ipv4.address) }}:{{ kube_apiserver_port }}/api/v1"
       user: kube
       password: changeme
       validate_certs: no