Sunday, September 22, 2013

Checkpoint Firewall Ports

Checkpoint Firewall Ports



Port No.   Name in Service Manager Short description
256 /tcp   FW1 Check Point VPN-1 & FireWall-1 Service
257 /tcp  FW1_log Check Point VPN-1 & FireWall-1 Logs
258 /tcp   FW1_mgmt Check Point VPN-1 & FireWall-1 Management (Version 4.x, obsolete)
259 /tcp   FW1_clntauth
259 /udp   RDP Check Point VPN-1 FWZ Key Negotiations – Reliable Datagram Protocol
260 /udp   FW1_snmp Check Point VPN-1 & FireWall-1 SNMP Agent
261 /tcp   FW1_snauth Check Point VPN-1 & FireWall-1 Session Authentication
262 /tcp   not predefined – only internally used by Mail Dequerer (process: mdq)
264 /tcp   FW1_topo Check Point VPN-1 SecuRemote Topology Requests
265 /tcp   FW1_key Check Point VPN-1 Public Key Transfer Protocol
900 /tcp   FW1_clntauth
981 /tcp   not predefined – Check Point VPN-1 Edge remote administration from external using HTTPS
2746 /udp  VPN1_IPSEC_encapsulation Check Point VPN-1 SecuRemote IPSEC Transport Encapsulation Protocol
4532 / tcp  not predefined – only internally used by Session Authentication (in.asessiond)
5004 /udp  MetaIP-UAT Check Point Meta IP UAM Client-Server Communication
8116 /udp not predefined – Check Point Cluster Control Protocol
8989 / tcp  not predefined – only internally used by CMA for Messaging (process: cpd)
9281 /udp  SWTP_Gateway VPN-1 Embedded / SofaWare commands
9282 /udp  SWTP_SMS VPN-1 Embedded / SofaWare Management Server (SMS)
18181 /tcp  FW1_cvp Check Point OPSEC Content Vectoring Protocol
18182 /tcp  FW1_ufp Check Point OPSEC URL Filtering Protocol
18183 /tcp  FW1_sam Check Point OPSEC Suspicious Activity Monitor API
18184 /tcp  FW1_lea Check Point OPSEC Log Export API
18185 /tcp  FW1_omi Check Point OPSEC Objects Management Interface
18186 /tcp  FW1_omi-sic Check Point OPSEC Objects Management Interface with SIC
18187 /tcp  FW1_ela Check Point OPSEC Event Logging API
18190 /tcp  CPMI Check Point Management Interface
18191 /tcp  CPD Check Point Daemon Protocol
18192 /tcp  CPD_amon Check Point Internal Application Monitoring
18193 /tcp  FW1_amon Check Point OPSEC Application Monitoring
18202 /tcp  CP_rtm Check Point RTM Log
18205 /tcp  CP_reporting Check Point Reporting client
18207 /tcp  FW1_pslogon Check Point Policy Server Logon protocol
18208 /tcp  FW1_CPRID Check Point Remote Installation Protocol
18209 /tcp  not predefined – Protocol used in SIC for communication between FWM and ICA (status, issue, revoke)
18210 /tcp  FW1_ica_pull Check Point Internal CA Pull Certificate Service
18211 /tcp  FW1_ica_push Check Point Internal CA Push Certificate Service
18212 /udp  FW1_load_agent Check Point ConnectControl Load Agent
18221 /tcp  CP_redundant Check Point Redundant Management Protocol
18231 /tcp  FW1_pslogon_NG Check Point NG Policy Server Logon protocol (NG)
18232 /tcp  FW1_sds_logon Check Point SecuRemote Distribution Server Protocol
18233 /udp  FW1_scv_keep_alive Check Point SecureClient Verification KeepAlive Protocol
18234 /udp  tunnel_test Check Point tunnel testing application
18241 /udp  E2ECP Check Point End to End Control Protocol
18262 /tcp  CP_Exnet_PK Check Point Extrnet public key advertisement
18263 /tcp  CP_Exnet_resolve Check Point Extranet remote objects resolution
18264 /tcp  FW1_ica_services Check Point Internal CA Fetch CRL and User Registration Services
18265/tcp  FW1_ica_mgmt_tools Check Point Internal CA Management Tools
19190 /tcp  FW1_netso Check Point User Authority simple protocol
19191 /tcp  FW1_uaa Check Point OPSEC User Authority API
19194 /udp  CP_SecureAgent-udp SecureAgent Authentication service
19195 /udp  CP_SecureAgent-udp SecureAgent Authentication service
60709 / tcp not predefined – Internally used by SecurePlatform for web based system administration (process: cpwmd). It’s bound to localhost, so no remote connect is possible.
65524 /tcp  FW1_sds_logon_NG Check Point SecuRemote Distribution Server Protocol

No comments: