List of ports used by Check Point - NG and NGX.
| Port | Protocol | Description |
| 21 | TCP | ftp File transfer Protocol (control) |
| 21 | UDP | ftp File transfer Protocol (control) |
| 22 | TCP/UDP | ssh SSH remote login |
| 25 | TCP/UDP | SMTP Simple Mail transfer Protocol |
| 50 | - | Encryption IP protocols esp – IPSEC Encapsulation Security Payload |
| 51 | - | Encryption IP protocols ah – IPSEC Authentication Header Protocol |
| 53 | TCP/UDP | Domain Name Server |
| 69 | TCP/UDP | TFTP Trivial File Transfer Protocol |
| 94 | TCP | Encryption IP protocols fwz_encapsulation (FW1_Eencapsulation) |
| 137 | TCP/UDP | Netbios-ns NETBIOS Name Service |
| 138 | TCP/UDP | netbios-dgm NETBIOS Datagram |
| 139 | TCP/UDP | netbios-ssn NETBIOS Session |
| 256 | TCP | FW1 (fwd) policy install port FWD_SVC_PORT |
| 257 | TCP | FW1_log FW1_log FWD_LOG_PORT |
| 258 | TCP | FW1_mgmt FWM_SSVVC_PORT |
| 259 | TCP | FW1_clientauth_telnet |
| 259 | UDP | RDP Reliable Datagram Protocol |
| 260 | TCP | sync |
| 260 | UDP | FW1_snmp FWD_SNMP_PORT |
| 261 | TCP | FW1_snauth Session Authentication Daemon |
| 262 | TCP | MDQ – mail dequer |
| 263 | TCP | dbs |
| 264 | TCP | FW1_topop Check Point SecureClient Topology Requests |
| 265 | TCP | FW1_key Check Point VPN-1 Public key transfer protocol |
| 389 | TCP/UDP | LDAP Secure Client connecting to LDAP without SSL |
| 443 | - | SNX VPN can use 443 too |
| 444 | TCP | SNX VPN SNX VPN tunnel in connectra only |
| 500 | UDP | IPSEC IKE Protocol (formerly ISAKMP/Oakley) |
| 500 | TCP | IKE over TCP |
| 500 | UDP | ISAKMPD_SPORT & ISAKMPD_DPORT |
| 514 | UDP | Syslog Syslog |
| 636 | - | LDAP Secure Client connecting to LDAP with SSL |
| 900 | TCP | FW1_clntauth_http Client Authentication Daemon |
| 981 | - | Management https on the edge |
| 1247 | - | |
| 1494 | TCP | Winframe Citrix |
| 1645 | TCP | Radius |
| 1719 | UDP | VOIP |
| 1720 | TCP | VOIP |
| 2040 | TCP | MIP meta Ip admin server |
| 2746 | UDP | UDP encapsualtion for SR VPN1_IPSEC_encapsulation VPN1_IPSEC encapsulation |
| 2746 | TCP | CPUDPENCap |
| 4000 | - | Policy Server Port (Redmond) |
| 4433 | TCP | Connectra Admin HTTPS Connectra admin port |
| 4500 | UDP | NAT-T NAT Traversal |
| 4532 | TCP | SNDAEMON_PORT sn_auth_trap: sn_auth daemon Sec.Serv comm, |
| 5001 | TCP | Meta IP Web Connection, MIP |
| 5002 | TCP | Meta IP DHCP Failover |
| 5004 | TCP | Meta IP UAM |
| 5005 | TCP | Meta IP SMC |
| 6969 | UDP | KP_PORT KeyProt |
| 8116 | UDP | Check Point HA SyncMode= CPHAP (new sync mode) |
| 8116 | UDP | Connection table synchronization between firewalls |
| 8989 | TCP | CPIS Messaging MSG_DEFAULT_PORT |
| 8998 | TCP | MDS_SERVER_PORT |
| 9000 | - | Command Line Port for Secure Client |
| 10001 | TCP | Default CPRSM listener port for coms with RealSecure Console |
| 18181 | TCP | FW1_cvp Check Point OPSEC Content Vectoring Protocol |
| 18182 | TCP | FW1_ufp Check Point OPSEC URL Filtering Protocol |
| 18183 | TCP | FW1_sam Check Point OPSEC Suspicious Activity monitoring Proto (SAM API) |
| 18184 | TCP | FW1_lea Check Point OPSEC Log Export API |
| 18185 | TCP | FW1_omi Check Point OPSEC Objects Management Interface |
| 18186 | TCP | FW1_omi-sic Check Point OPSEC Objects management Interface with Secure Internal Communication |
| 18187 | TCP | FW1_ela Check Point OPSEC Event Loging API |
| 18190 | TCP | CPMI Check Point Management Interface |
| 18191 | TCP | CPD Check Point Daemon Proto NG |
| 18192 | TCP | CPD_amon Check Point Internal Application Monitoring NG |
| 18193 | TCP | FW1_amon Check Point OPSEC Appication Monitoring NG |
| 18201 | TCP | FGD_SVC_PORT |
| 18202 | TCP | CP_rtm Check Point Real time Monitoring |
| 18203 | TCP | FGD_RTMP_PORT |
| 18204 | TCP | CE communication |
| 18205 | TCP | CP_reporting Check Point Reporting Client Protocol |
| 18207 | TCP | FW1_pslogon Check Point Policy Server logon Protocol |
| 18208 | TCP | FW1_CPRID (SmartUpdate) Check Point remote Installation Protocol |
| 18209 | TCP | FWM CA for establishing SIC communication |
| 18210 | TCP | FW1_ica_pull Check Point Internal CA Pull Certificate Service |
| 18211 | TCP | FW1_ica_pull Check Point Internal CA Push Certificate Service |
| 18212 | UDP | Connect Control – Load Agent port |
| 18213 | TCP | cpinp: inp (admin server) |
| 18214 | TCP | cpsmc: SMC |
| 18214 | UDP | cpsmc: SMC Connectionless |
| 18221 | TCP | CP_redundant Check Point Redundant Management Protocol NG |
| 18231 | TCP | FW1_pslogon_NG Check Point NG Policy Server Logon Protocol |
| 18231 | TCP | NG listens on this port by default dtps.exe |
| 18232 | TCP | FW1_sds_logon Check Point SecuRemote Distribution Server Protocol |
| 18233 | UDP | Check Point SecureClient Verification Keepalive Protocol FW1_scv_keep_alive |
| 18241 | UDP | e2ecp |
| 18262 | TCP | CP_Exnet_PK Check Point Public Key Resolution |
| 18263 | TCP | CP_Exnet_resolve Check Point Extranet remote objects resolution |
| 18264 | TCP | FW1_ica_services Check Point Internal CA Fetch CRL and User Registration Services |
| 19190 | TCP | FW1_netso Check Point OPSEC User Authority Simple Protocol |
| 19191 | TCP | FW1_uaa Check point OPSEC User Authority API |
| 65524 | - | FW1_sds_logon_NG Secure Client Distribution Server Protocol (VC and Higher) |
| Check Point General Common Ports | ||
| Port | Protocol | Description |
| 257 | tcp | FireWall-1 log transfer |
| 18208 | tcp | CPRID (SmartUpdate) |
| 18190 | tcp | SmartDashboard to SCS |
| 18191 | tcp | SCS to FW-1 gateway for policy install |
| 18192 | tcp | SCS monitoring of firewalls (SmartView Status) |
| Check Point SIC Ports | ||
| Port | Protocol | Description |
| 18209 | tcp | NGX Gateways <> ICAs (status, issue, or revoke). |
| 18210 | tcp | Pulls Certificates from an ICA. |
| 18211 | tcp | Used by the cpd daemon (on the gateway) to receive Certificates. |
| Check Point Authentication Ports | ||
| Port | Protocol | Description |
| 259 | tcp | Client Authentication (Telnet) |
| 900 | tcp | Client Authentication (HTTP) |
Check Point Port List - NG/NGX
Reviewed by Admin
on
06:53:00
Rating:
Reviewed by Admin
on
06:53:00
Rating:
