| Port |
Type |
Name |
Description |
| 256 |
tcp |
FW1 |
Check Point VPN-1 & FireWall-1 Service
- Download of rulebase from MM to FWM (4.x)
- Fetching rulebase from FWM to MM when starting (4.x)
- Get topology information from MM or CMA to FWM (also for NG)
- Full synchronisation for HA configuration (also for NG) |
| 257 |
tcp |
FW1_log |
Check Point VPN-1 & FireWall-1 Logs
- Protocol used for delivering logs from FWM to MM
- Protocol used for delivering logs from FWM to CMA or CLM |
| 258 |
tcp |
FW1_mgmt |
Check Point VPN-1 & FireWall-1 Management (Version 4.x, obsolete)
- Protocol for communication between GUI and MM 4.x |
| 259 |
tcp |
FW1_clntauth
FW1_clntauth_telnet |
Check Point VPN-1 & FireWall-1 Client Authentication (Telnet)
- Protocol for performing Client-Authentication at FWM using telnet |
| 259 |
udp |
RDP |
Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol
- Protocol used for FWZ VPN (supported up to NG FP1 only)
- Protocol used by SR/SCl for checking the availability of the FWM/PS |
| 260 |
udp |
FW1_snmp |
Check Point VPN-1 & FireWall-1 SNMP Agent
- Check Point's SNMP, used additionally to 161/udp (snmp) |
| 261 |
tcp |
FW1_snauth |
Check Point VPN-1 & FireWall-1 Session Authentication
- Protocol for Session Authentication between FWM and SAA |
| 262 |
tcp |
- not predefined - |
only internally used by Mail Dequerer (process: mdq) |
| 264 |
tcp |
FW1_topo |
Check Point VPN-1 SecuRemote Topology Requests
- Topology Download for SR (build 4100 and higher) and SCl |
| 265 |
tcp |
FW1_key |
Check Point VPN-1 Public Key Transfer Protocol
- Protocol for exchanging CA- and DH-keys between MM's (SKIP, FWZ (4.x))
- Public Key download for SR/SCl |
| 900 |
tcp |
FW1_clntauth
FW1_clntauth_http |
Check Point VPN-1 & FireWall-1 Client Authentication (HTTP)
- Protocol for performing Client-Authentication at FWM using HTTP |
| 981 |
tcp |
- not predefined - |
Check Point VPN-1 Edge remote administration from external using HTTPS |
| 2746 |
udp |
VPN1_IPSEC_encapsulation |
Check Point VPN-1 SecuRemote IPSEC Transport Encapsulation Protocol
- Default-Protocol used for UDP encapsulation |
| 4532 |
tcp |
- not predefined - |
only internally used by Session Authentication (in.asessiond) |
| 5004 |
udp |
MetaIP-UAT |
Check Point Meta IP UAM Client-Server Communication |
| 8116 |
udp |
- not predefined - |
Check Point Cluster Control Protocol
- Protocol for internal communication between High Availability Cluster Members. Used for e.g. report/query state, probing, load balancing |
| 8989 |
tcp |
- not predefined - |
only internally used by CMA for Messaging (process: cpd) |
| 9281 |
udp |
SWTP_Gateway |
VPN-1 Embedded SofaWare commands
- Encrypted Protocol for communication between MM and Check Point Appliance (e.g. VPN-1 Edge) |
| 9282 |
udp |
SWTP_SMS |
VPN-1 Embedded SofaWare Management Server (SMS)
- Encrypted Protocol for communication between MM and Check Point Appliance (e.g. VPN-1 Edge) |
| 18181 |
tcp |
FW1_cvp |
Check Point OPSEC Content Vectoring Protocol
- Protocol used for communication between FWM and AntiVirus Server |
| 18182 |
tcp |
FW1_ufp |
Check Point OPSEC URL Filtering Protocol
- Protocol used for communication between FWM and Server for Content Control (e.g. Web Content) |
| 18183 |
tcp |
FW1_sam |
Check Point OPSEC Suspicious Activity Monitor API
- Protocol e.g. for Block Intruder between MM (or CMA) and FWM |
| 18184 |
tcp |
FW1_lea |
Check Point OPSEC Log Export API
- Protocol for exporting logs from MM |
| 18185 |
tcp |
FW1_omi |
Check Point OPSEC Objects Management Interface
- Protocol used by applications having access to the ruleset saved at MM |
| 18186 |
tcp |
FW1_omi-sic |
Check Point OPSEC Objects Management Interface with SIC
- Protocol used by applications having access to the ruleset saved at MM |
| 18187 |
tcp |
FW1_ela |
Check Point OPSEC Event Logging API
- Protocol for applications logging to the Firewall log at MM |
| 18190 |
tcp |
CPMI |
Check Point Management Interface
- Protocol for communication between GUI and MM
- Protocol for connections from MDG to MDS and CMA |
| 18191 |
tcp |
CPD |
Check Point Daemon Protocol
- Download of rulebase from MM to FWM
- Fetching rulebase, from FWM to MM when starting FWM
- Download of rulebase from MDS/CMA to FWM
- Fetching rulebase, from FWM to CMA when starting FWM |
| 18192 |
tcp |
CPD_amon |
Check Point Internal Application Monitoring
- Protocol for getting System Status, from MM or MDS/CMA to FWM |
| 18193 |
tcp |
FW1_amon |
Check Point OPSEC Application Monitoring
- Protocol for monitoring apps, e.g. from MM to CVP server |
| 18202 |
tcp |
CP_rtm |
Check Point RTM Log
- Protocol used by Real Time Monitor (SmartView Monitor) |
| 18205 |
tcp |
CP_reporting |
Check Point Reporting client
- Protocol used by Reporting client when connecting to Reporting Server (MM) |
| 18207 |
tcp |
FW1_pslogon |
Check Point Policy Server Logon protocol
- Protocol used for download of Desktop Security from PS to SCl (4.x) |
| 18208 |
tcp |
FW1_CPRID |
Check Point Remote Installation Protocol
- Protocol used from MM to FWM when installing Secure Updates. |
| 18209 |
tcp |
- not predefined - |
Protocol used in SIC for communication between FWM and ICA (status, issue, revoke) |
| 18210 |
tcp |
FW1_ica_pull |
Check Point Internal CA Pull Certificate Service
- Protocol used by SIC for e.g. FWM pulling CA's from MM |
| 18211 |
tcp |
FW1_ica_push |
Check Point Internal CA Push Certificate Service
- Protocol used by SIC for pushing CA's from MM or CMA/MDS to FWM |
| 18212 |
udp |
FW1_load_agent |
Check Point ConnectControl Load Agent
- Default-Port for Load Agent running on load-balanced Servers (e.g. WWW, FTP) |
| 18221 |
tcp |
CP_redundant |
Check Point Redundant Management Protocol
- Protocol used for synchronizing primary and secondary MM
- Protocol used for synchronizing CMA between primary and secondary MDS |
| 18231 |
tcp |
FW1_pslogon_NG |
Check Point NG Policy Server Logon protocol (NG)
- Protocol used for download of Desktop Security from PS to SCl |
| 18232 |
tcp |
FW1_sds_logon |
Check Point SecuRemote Distribution Server Protocol
- Protocol for software distribution of Check Point components |
| 18233 |
udp |
FW1_scv_keep_alive |
Check Point SecureClient Verification KeepAlive Protocol
- Protocol for Secure Configuration Verification on SecureClient |
| 18234 |
udp |
tunnel_test |
Check Point tunnel testing application
- Protocol for testing applications through a VPN, used by SR/SCl |
| 18241 |
udp |
E2ECP |
Check Point End to End Control Protocol
- Protocol to check SLA's defined in Virtual Links by SmartView Monitor |
| 18262 |
tcp |
CP_Exnet_PK |
Check Point Extrnet public key advertisement
- Protocol for exchange of public keys when configuring Extranet
no more supported since NG AI R55 |
| 18263 |
tcp |
CP_Exnet_resolve |
Check Point Extranet remote objects resolution
- Protocol for importing exported objects from partner in Extranet
no more supported since NG AI R55 |
| 18264 |
tcp |
FW1_ica_services |
Check Point Internal CA Fetch CRL and User Registration Services
- Protocol for Certificate Revocation Lists and registering users when using the Policy Server
- needed when e.g. FWM is starting |
| 18265/ |
tcp |
FW1_ica_mgmt_tools |
Check Point Internal CA Management Tools
- Protocol for managing the ICA, established with NG AI, also used for central administration of certificates on MM.
- needs to be started separately with the command cpca_client |
| 19190 |
tcp |
FW1_netso |
Check Point User Authority simple protocol
- Protocol used in UA for connecting from UA Server to Web Plugin when authenticating users here |
| 19191 |
tcp |
FW1_uaa |
Check Point OPSEC User Authority API
- Protocol for connections to the UA Server |
| 19194 |
udp |
CP_SecureAgent-udp |
SecureAgent Authentication service |
| 19195 |
udp |
CP_SecureAgent-udp |
SecureAgent Authentication service |
| 60709 |
tcp |
- not predefined - |
Internally used by SecurePlatform for web based system administration (process: cpwmd). It's bound to localhost, so no remote connect is possible. |
| 65524 |
tcp |
FW1_sds_logon_NG |
Check Point SecuRemote Distribution Server Protocol
- Protocol for software distribution of Check Point components in Next Generation |
| 17 |
ip |
tunnel_test_mapped |
tunnel testing for a module performing the tunnel test |
| 94 |
ip |
FW1_Encapsulation |
Check Point VPN-1 SecuRemote FWZ Encapsulation Protocol |
| 117 |
Ip |
Virtual Router Redundancy Protocol |
HA for Nokia's IPSO - since NG AI |
Copyright © 2002-2010 HLNCC. All rights reserved.
HLNCC web site pages may contain other proprietary notices and copyright information which should be observed.
