Difference between revisions of "Check point service ports"

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services
(Pushed from Themanclub.)
 
 
Line 1: Line 1:
 +
 +
[[File:cpportsr77.png]]
 +
 +
 
256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
 
256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
 
- Download of rulebase from management server to gateway (4.x)
 
- Download of rulebase from management server to gateway (4.x)

Latest revision as of 15:15, 16 March 2018

cpportsr77.png


256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service - Download of rulebase from management server to gateway (4.x) - Fetching rulebase from gateway to management server when starting (4.x) - Get topology information from management server or Customer Management Add-on (CMA) to gateway - Full synchronization for HA configuration 257 /tcp FW1_log Check Point Logs - Protocol used for delivering logs from gateway to management server - Protocol used for delivering logs from gateway to CMA or Customer Log Module

258 /tcp FW1_mgmt Check Point VPN-1 & FireWall-1 Management (Version 4.x, obsolete) - Protocol for communInternal Certificate Authority between SmartConsole applInternal Certificate Authority's and the management server

259 /tcp FW1_clntauth, FW1_clntauth_telnet Check Point VPN-1 & FireWall-1 Client AuthentInternal Certificate Authority (Telnet) - Protocol for performing Client-AuthentInternal Certificate Authority at gateway using telnet

259 /udp RDP Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol - Protocol used for FWZ VPN (supported up to NG FP1 only) - Protocol used by SecuRemote/SCl for checking the availability of the gateway/PS

260 /udp FW1_snmp Check Point SNMP Agent - Check Point's SNMP, used additionally to 161/udp (snmp)

261 /tcp FW1_snauth Check Point Session AuthentInternal Certificate Authority - Protocol for Session AuthentInternal Certificate Authority between gateway and SAA

262 /tcp - not predefined - only internally used by Mail Dequerer (process: mdq)

264 /tcp FW1_topo Check Point VPN-1 SecuRemote Topology Requests - Topology Download for SecuRemote (build 4100 and higher) and SCl

265 /tcp FW1_key Check Point VPN-1 Public Key Transfer Protocol - Protocol for exchanging CA- and DH-keys between management servers (SKIP, FWZ (4.x)) - Public Key download for SecuRemote/SecureClient

900 /tcp FW1_clntauth, FW1_clntauth_http Check Point Client AuthentICA (HTTP) - Protocol for performing Client-AuthentICA at gateway using HTTP

981 /tcp - not predefined - Check Point UTM-1 Edge remote administration from external using HTTPS

2746 /udp VPN1_IPSEC_encapsulation SecuRemote IPSEC Transport Encapsulation Protocol - Default-Protocol used for UDP encapsulation

4532 / tcp - not predefined - only internally used by Session AuthentICA (in.asessiond)

5004 /udp MetaIP-UAT Check Point Meta IP UAM Client-Server Comanagement serverunInternal Certificate Authority

8116 /udp - not predefined - Check Point Cluster Control Protocol - Protocol for communICA between High Availability Cluster Members. Used for e.g. report/query state, probing, load balancing

8989 /tcp - not predefined - only internally used by Customer Management Add-on for Session Authentication

9281 /udp SWTP_Gateway VPN-1 Embedded / SofaWare Management Server (SMS) - Encrypted Protocol for comanagement serverunICA between management server and Check Point Appliance (e.g. VPN-1 Edge)

9282 /udp SWTP_SMS VPN-1 Embedded / SofaWare Management Server (SMS) - Encrypted Protocol for comanagement serverunICA between management server and Check Point Appliance (e.g. VPN-1 Edge)

18181 /tcp FW1_cvp Check Point OPSEC Content Vectoring Protocol - Protocol used for comanagement serverunICA between gateway and AntiVirus Server

18182 /tcp FW1_ufp Check Point OPSEC URL Filtering Protocol - Protocol used for comanagement serverunICA between gateway and Server for Content Control (e.g. Web Content)

18183 /tcp FW1_sam Check Point OPSEC Suspicious Activity Monitor API - Protocol e.g. for Block Intruder between management server (or CMA) and gateway

18184 /tcp FW1_lea Check Point OPSEC Log Export API - Protocol for exporting logs from management server

18185 /tcp FW1_omi Check Point OPSEC Objects Management Interface - Protocol used by applICA's having access to the ruleset saved at management server

18186 /tcp FW1_omi-sic Check Point OPSEC Objects Management Interface with Secure Internal Communication (SIC) - Protocol used by applICA's having access to the ruleset saved at management server

18187 /tcp FW1_ela Check Point OPSEC Event Logging API - Protocol for applICA's logging to the gateway log at management server

18190 /tcp CPMI Check Point Management Interface - Protocol used for communicatopn ICA between the SmartConsole and the SmartCenter/SecurityManagement Server. - Protocol for connections from Multi-Domain GUI to MDS and CMA

18191 /tcp CPD Check Point Daemon Protocol - Download of rulebase from management server to gateway - Fetching rulebase, from gateway to management server when starting gateway - Download of rulebase from CMA/MDS to gateway - Fetching rulebase, from gateway to CMA when starting gateway

18192 /tcp CPD_amon Check Point Internal ApplCA Monitoring - Protocol for getting System Status, from management server or CMA/MDS to gateway

18193 /tcp FW1_amon Check Point OPSEC ApplInternal Certificate Authority Monitoring - Protocol for monitoring apps, e.g. from management server to CVP server

18202 /tcp CP_rtm Check Point RTM Log - Protocol used by Real Time Monitor (SmartView Monitor)

18205 /tcp CP_reporting Check Point Reporting client - Protocol used by Reporting client when connecting to Reporting Server (management server)

18207 /tcp FW1_pslogon Check Point Policy Server Logon protocol - Protocol used for download of Desktop Security from the Policy Server to SecureClient (4.x)

18208 /tcp FW1_CPRID Check Point Remote Installation Protocol - Protocol used from management server to gateway when installing Secure Updates.

18209 /tcp - not predefined - Protocol used in SIC for communication between the management server, containing the Internal Certificate Authority (ICA) and objects, such as gateways and OPSEC applications, managed by the management sever

18210 /tcp FW1_Internal Certificate Authority_pull Check Point ICA Pull - Protocol used by SIC for e.g. gateway pulling certificates from a management server

18211 /tcp FW1_Internal Certificate Authority_push Used to push certificates from the ICA. - Protocol used by SIC for pushing CA's from management server or CMA/MDS to gateway

18212 /udp FW1_load_agent Check Point ConnectControl Load Agent - Default-Port for Load Agent running on load-balanced Servers (e.g. WWW, FTP)

18221 /tcp CP_redundant Check Point Redundant Management Protocol - Protocol used for synchronizing primary and secondary management server - Protocol used for synchronizing CMA between primary and secondary MDS

18231 /tcp FW1_pslogon_NG Check Point NG Policy Server Logon protocol (NG) - Protocol used for download of Desktop Security from the Policy Server to SecureClient

18232 /tcp FW1_sds_logon Check Point SecuRemote Distribution Server Protocol - Protocol for software distribution of Check Point components

18233 /udp FW1_scv_keep_alive Check Point SecureClient VerifICA KeepAlive Protocol - Protocol for Secure Configuration VerifICA on SecureClient

18234 /udp tunnel_test Check Point tunnel testing ICA - Protocol for testing ICA through VPN, used by SecuRemote/SecureClient

18241 /udp E2ECP Check Point End to End Control Protocol - Protocol to check SLA's defined in Virtual Links by SmartView Monitor

18262 /tcp CP_Exnet_PK Check Point Extrnet public key advertisement - Protocol for exchange of public keys when configuring Extranet not supported since NG AI R55

18263 /tcp CP_Exnet_resolve Check Point Extranet remote objects resolution - Protocol for importing exported objects from partner in Extranet not supported since NG AI R55

18264 /tcp FW1_Internal Certificate Authority_services Check Point ICA Fetch CRL and User Registration Services - Protocol for Certificate Revocation Lists and registering users when using the Policy Server - needed when e.g. gateway is starting

18265 /tcp FW1_Internal Certificate Authority_mgmt_tools Check Point ICA Management Tools - Protocol for managing the ICA, also used for central administration of Internal Certificate Authority on the management server. - needs to be started separately with the comanagement server and cpca_client

19190 /tcp FW1_netso Check Point User Authority simple protocol - Protocol used for UserAuthority for connecting from the UserAuthority Server to the Web Plugin when authenticating using certificates generated by the ICA

19191 /tcp FW1_uaa Check Point OPSEC User Authority API - Protocol for connections to the UserAuthority Server

19194 /udp CP_SecureAgent-udp SecureAgent Authentication ICA service

19195 /udp CP_SecureAgent-udp SecureAgent Authentication tICA service

60709 /tcp - not predefined - Internally used by SecurePlatform for web based system administration (process: cpwmd). Bound to localhost, so no remote connect is possible.

65524 /tcp FW1_sds_logon_NG Check Point SecuRemote Distribution Server Protocol - Protocol for software distribution of Check Point components in Next Generation Additionally defined: Internet Protocol 17 (tunnel_test_mapped), tunnel testing for a module performing the tunnel test Internet Protocol 94 (FW1_Encapsulation), Check Point VPN-1 SecuRemote FWZ Encapsulation Protocol Internet Protocol 112 (Virtual Router Redundancy Protocol), HA for IPSO - since NG AI