Nighthawk at 15:15, 16 March 2018

2018-03-16T15:15:00Z

Nighthawk: Pushed from Themanclub.

2013-02-26T00:27:29Z

Pushed from Themanclub.

New page

256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
- Download of rulebase from management server to gateway (4.x)
- Fetching rulebase from gateway to management server when starting (4.x)
- Get topology information from management server or Customer Management Add-on (CMA) to gateway
- Full synchronization for HA configuration 257 /tcp FW1_log Check Point Logs
- Protocol used for delivering logs from gateway to management server
- Protocol used for delivering logs from gateway to CMA or Customer Log Module

258 /tcp FW1_mgmt Check Point VPN-1 & FireWall-1 Management (Version 4.x, obsolete)
- Protocol for communInternal Certificate Authority between SmartConsole applInternal Certificate Authority's and the management server

259 /tcp FW1_clntauth, FW1_clntauth_telnet Check Point VPN-1 & FireWall-1 Client AuthentInternal Certificate Authority (Telnet)
- Protocol for performing Client-AuthentInternal Certificate Authority at gateway using telnet

259 /udp RDP Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol
- Protocol used for FWZ VPN (supported up to NG FP1 only)
- Protocol used by SecuRemote/SCl for checking the availability of the gateway/PS

260 /udp FW1_snmp Check Point SNMP Agent
- Check Point's SNMP, used additionally to 161/udp (snmp)

261 /tcp FW1_snauth Check Point Session AuthentInternal Certificate Authority
- Protocol for Session AuthentInternal Certificate Authority between gateway and SAA

262 /tcp - not predefined - only internally used by Mail Dequerer (process: mdq)

264 /tcp FW1_topo Check Point VPN-1 SecuRemote Topology Requests
- Topology Download for SecuRemote (build 4100 and higher) and SCl

265 /tcp FW1_key Check Point VPN-1 Public Key Transfer Protocol
- Protocol for exchanging CA- and DH-keys between management servers (SKIP, FWZ (4.x))
- Public Key download for SecuRemote/SecureClient

900 /tcp FW1_clntauth, FW1_clntauth_http Check Point Client AuthentICA (HTTP)
- Protocol for performing Client-AuthentICA at gateway using HTTP

981 /tcp - not predefined - Check Point UTM-1 Edge remote administration from external using HTTPS

2746 /udp VPN1_IPSEC_encapsulation SecuRemote IPSEC Transport Encapsulation Protocol
- Default-Protocol used for UDP encapsulation

4532 / tcp - not predefined - only internally used by Session AuthentICA (in.asessiond)

5004 /udp MetaIP-UAT Check Point Meta IP UAM Client-Server Comanagement serverunInternal Certificate Authority

8116 /udp - not predefined - Check Point Cluster Control Protocol
- Protocol for communICA between High Availability Cluster Members. Used for e.g. report/query state, probing, load balancing

8989 /tcp - not predefined - only internally used by Customer Management Add-on for Session Authentication

9281 /udp SWTP_Gateway VPN-1 Embedded / SofaWare Management Server (SMS)
- Encrypted Protocol for comanagement serverunICA between management server and Check Point Appliance (e.g. VPN-1 Edge)

9282 /udp SWTP_SMS VPN-1 Embedded / SofaWare Management Server (SMS)
- Encrypted Protocol for comanagement serverunICA between management server and Check Point Appliance (e.g. VPN-1 Edge)

18181 /tcp FW1_cvp Check Point OPSEC Content Vectoring Protocol
- Protocol used for comanagement serverunICA between gateway and AntiVirus Server

18182 /tcp FW1_ufp Check Point OPSEC URL Filtering Protocol
- Protocol used for comanagement serverunICA between gateway and Server for Content Control (e.g. Web Content)

18183 /tcp FW1_sam Check Point OPSEC Suspicious Activity Monitor API
- Protocol e.g. for Block Intruder between management server (or CMA) and gateway

18184 /tcp FW1_lea Check Point OPSEC Log Export API
- Protocol for exporting logs from management server

18185 /tcp FW1_omi Check Point OPSEC Objects Management Interface
- Protocol used by applICA's having access to the ruleset saved at management server

18186 /tcp FW1_omi-sic Check Point OPSEC Objects Management Interface with Secure Internal Communication (SIC)
- Protocol used by applICA's having access to the ruleset saved at management server

18187 /tcp FW1_ela Check Point OPSEC Event Logging API
- Protocol for applICA's logging to the gateway log at management server

18190 /tcp CPMI Check Point Management Interface
- Protocol used for communicatopn ICA between the SmartConsole and the SmartCenter/SecurityManagement Server.
- Protocol for connections from Multi-Domain GUI to MDS and CMA

18191 /tcp CPD Check Point Daemon Protocol
- Download of rulebase from management server to gateway
- Fetching rulebase, from gateway to management server when starting gateway
- Download of rulebase from CMA/MDS to gateway
- Fetching rulebase, from gateway to CMA when starting gateway

18192 /tcp CPD_amon Check Point Internal ApplCA Monitoring
- Protocol for getting System Status, from management server or CMA/MDS to gateway

18193 /tcp FW1_amon Check Point OPSEC ApplInternal Certificate Authority Monitoring
- Protocol for monitoring apps, e.g. from management server to CVP server

18202 /tcp CP_rtm Check Point RTM Log
- Protocol used by Real Time Monitor (SmartView Monitor)

18205 /tcp CP_reporting Check Point Reporting client
- Protocol used by Reporting client when connecting to Reporting Server (management server)

18207 /tcp FW1_pslogon Check Point Policy Server Logon protocol
- Protocol used for download of Desktop Security from the Policy Server to SecureClient (4.x)

18208 /tcp FW1_CPRID Check Point Remote Installation Protocol
- Protocol used from management server to gateway when installing Secure Updates.

18209 /tcp - not predefined - Protocol used in SIC for communication between the management server, containing the Internal Certificate Authority (ICA) and objects, such as gateways and OPSEC applications, managed by the management sever

18210 /tcp FW1_Internal Certificate Authority_pull Check Point ICA Pull
- Protocol used by SIC for e.g. gateway pulling certificates from a management server

18211 /tcp FW1_Internal Certificate Authority_push Used to push certificates from the ICA.
- Protocol used by SIC for pushing CA's from management server or CMA/MDS to gateway

18212 /udp FW1_load_agent Check Point ConnectControl Load Agent
- Default-Port for Load Agent running on load-balanced Servers (e.g. WWW, FTP)

18221 /tcp CP_redundant Check Point Redundant Management Protocol
- Protocol used for synchronizing primary and secondary management server
- Protocol used for synchronizing CMA between primary and secondary MDS

18231 /tcp FW1_pslogon_NG Check Point NG Policy Server Logon protocol (NG)
- Protocol used for download of Desktop Security from the Policy Server to SecureClient

18232 /tcp FW1_sds_logon Check Point SecuRemote Distribution Server Protocol
- Protocol for software distribution of Check Point components

18233 /udp FW1_scv_keep_alive Check Point SecureClient VerifICA KeepAlive Protocol
- Protocol for Secure Configuration VerifICA on SecureClient

18234 /udp tunnel_test Check Point tunnel testing ICA
- Protocol for testing ICA through VPN, used by SecuRemote/SecureClient

18241 /udp E2ECP Check Point End to End Control Protocol
- Protocol to check SLA's defined in Virtual Links by SmartView Monitor

18262 /tcp CP_Exnet_PK Check Point Extrnet public key advertisement
- Protocol for exchange of public keys when configuring Extranet
not supported since NG AI R55

18263 /tcp CP_Exnet_resolve Check Point Extranet remote objects resolution
- Protocol for importing exported objects from partner in Extranet
not supported since NG AI R55

18264 /tcp FW1_Internal Certificate Authority_services Check Point ICA Fetch CRL and User Registration Services
- Protocol for Certificate Revocation Lists and registering users when using the Policy Server
- needed when e.g. gateway is starting

18265 /tcp FW1_Internal Certificate Authority_mgmt_tools Check Point ICA Management Tools
- Protocol for managing the ICA, also used for central administration of Internal Certificate Authority on the management server.
- needs to be started separately with the comanagement server and cpca_client

19190 /tcp FW1_netso Check Point User Authority simple protocol
- Protocol used for UserAuthority for connecting from the UserAuthority Server to the Web Plugin when authenticating using certificates generated by the ICA

19191 /tcp FW1_uaa Check Point OPSEC User Authority API
- Protocol for connections to the UserAuthority Server

19194 /udp CP_SecureAgent-udp SecureAgent Authentication ICA service

19195 /udp CP_SecureAgent-udp SecureAgent Authentication tICA service

60709 /tcp - not predefined - Internally used by SecurePlatform for web based system administration (process: cpwmd). Bound to localhost, so no remote connect is possible.

65524 /tcp FW1_sds_logon_NG Check Point SecuRemote Distribution Server Protocol
- Protocol for software distribution of Check Point components in Next Generation Additionally defined:
Internet Protocol 17 (tunnel_test_mapped), tunnel testing for a module performing the tunnel test
Internet Protocol 94 (FW1_Encapsulation), Check Point VPN-1 SecuRemote FWZ Encapsulation Protocol
Internet Protocol 112 (Virtual Router Redundancy Protocol), HA for IPSO - since NG AI

[[category:check point]]

← Older revision		Revision as of 15:15, 16 March 2018
Line 1:		Line 1:
		+
		+	[[File:cpportsr77.png]]
		+
		+
	256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service		256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
	- Download of rulebase from management server to gateway (4.x)		- Download of rulebase from management server to gateway (4.x)

Check point service ports - Revision history

Nighthawk at 15:15, 16 March 2018

Nighthawk: Pushed from Themanclub.