List of Check Point Ports

in Check Point Firewall

List of Check Point Firewall Ports

Common List Ports that you will need to open on a typical Check Point Firewall. Note: don’t open all of these ports in the list, instead – use this list of ports as a reference for your Check Point firewall configuration.

PORT TYPE SERVICE DESCRIPTION
21 TCP ftp File transfer Protocol (control)
21 UDP ftp File transfer Protocol (control)
22 Both ssh SSH remote login
25 both SMTP Simple Mail transfer Protocol
50 Encryption IP protocols esp – IPSEC Encapsulation Security Payload
51 Encryption IP protocols ah – IPSEC Authentication Header Protocol
53 Both Domain Name Server
69 Both TFTP Trivial File Transfer Protocol
94 TCP Encryption IP protocols fwz_encapsulation (FW1_Eencapsulation)
137 Both Netbios-ns NETBIOS Name Service
138 Both netbios-dgm NETBIOS Datagram
139 Both netbios-ssn NETBIOS Session
256 TCP FW1 (fwd) policy install port FWD_SVC_PORT
257 TCP FW1_log FW1_log FWD_LOG_PORT
258 TCP FW1_mgmt FWM_SSVVC_PORT
259 TCP FW1_clientauth_telnet
259 UDP RDP Reliable Datagram Protocol
260 TCP sync
260 UDP FW1_snmp FWD_SNMP_PORT
261 TCP FW1_snauth Session Authentication Daemon
262 TCP MDQ – mail dequer
263 TCP dbs
264 TCP FW1_topop Check Point SecureClient Topology Requests
265 TCP FW1_key Check Point VPN-1 Public key transfer protocol
389 Both LDAP Secure Client connecting to LDAP without SSL
443 SNX VPN can use 443 too
444 TCP SNX VPN SNX VPN tunnel in connectra only
500 UDP IPSEC IKE Protocol (formerly ISAKMP/Oakley)
500 TCP IKE over TCP
500 UDP ISAKMPD_SPORT & ISAKMPD_DPORT
514 UDP Syslog Syslog
636 LDAP Secure Client connecting to LDAP with SSL
900 TCP FW1_clntauth_http Client Authentication Daemon
981 Management https on the edge
1247
1494 TCP Winframe Citrix
1645 TCP Radius
1719 UDP VOIP
1720 TCP VOIP
2040 TCP MIP meta Ip admin server
2746 UDP UDP encapsualtion for SR VPN1_IPSEC_encapsulation VPN1_IPSEC encapsulation
2746 TCP CPUDPENCap
4000 Policy Server Port (Redmond)
4433 TCP Connectra Admin HTTPS Connectra admin port
4500 UDP NAT-T NAT Traversal
4532 TCP SNDAEMON_PORT sn_auth_trap: sn_auth daemon Sec.Serv comm,
5001 TCP Meta IP Web Connection, MIP
5002 TCP Meta IP DHCP Failover
5004 TCP Meta IP UAM
5005 TCP Meta IP SMC
6969 UDP KP_PORT KeyProt
8116 UDP Check Point HA SyncMode= CPHAP (new sync mode)
8116 UDP Connection table synchronization between firewalls
8989 TCP CPIS Messaging MSG_DEFAULT_PORT
8998 TCP MDS_SERVER_PORT
9000 Command Line Port for Secure Client
10001 TCP Default CPRSM listener port for coms with RealSecure Console
18181 TCP FW1_cvp Check Point OPSEC Content Vectoring Protocol
18182 TCP FW1_ufp Check Point OPSEC URL Filtering Protocol
18183 TCP FW1_sam Check Point OPSEC Suspicious Activity monitoring Proto (SAM API)
18184 TCP FW1_lea Check Point OPSEC Log Export API
18185 TCP FW1_omi Check Point OPSEC Objects Management Interface
18186 TCP FW1_omi-sic Check Point OPSEC Objects management Interface with Secure Internal Communication
18187 TCP FW1_ela Check Point OPSEC Event Loging API
18190 TCP CPMI Check Point Management Interface
18191 TCP CPD Check Point Daemon Proto NG
18192 TCP CPD_amon Check Point Internal Application Monitoring NG
18193 TCP FW1_amon Check Point OPSEC Appication Monitoring NG
18201 TCP FGD_SVC_PORT
18202 TCP CP_rtm Check Point Real time Monitoring
18203 TCP FGD_RTMP_PORT
18204 TCP CE communication
18205 TCP CP_reporting Check Point Reporting Client Protocol
18207 TCP FW1_pslogon Check Point Policy Server logon Protocol
18208 TCP FW1_CPRID (SmartUpdate) Check Point remote Installation Protocol
18209 TCP FWM CA for establishing SIC communication
18210 TCP FW1_ica_pull Check Point Internal CA Pull Certificate Service
18211 TCP FW1_ica_pull Check Point Internal CA Push Certificate Service
18212 UDP Connect Control – Load Agent port
18213 TCP cpinp: inp (admin server)
18214 TCP cpsmc: SMC
18214 UDP cpsmc: SMC Connectionless
18221 TCP CP_redundant Check Point Redundant Management Protocol NG
18231 TCP FW1_pslogon_NG Check Point NG Policy Server Logon Protocol
18231 TCP NG listens on this port by default dtps.exe
18232 TCP FW1_sds_logon Check Point SecuRemote Distribution Server Protocol
18233 UDP Check Point SecureClient Verification Keepalive Protocol FW1_scv_keep_alive
18241 UDP e2ecp
18262 TCP CP_Exnet_PK Check Point Public Key Resolution
18263 TCP CP_Exnet_resolve Check Point Extranet remote objects resolution
18264 TCP FW1_ica_services Check Point Internal CA Fetch CRL and User Registration Services
19190 TCP FW1_netso Check Point OPSEC User Authority Simple Protocol
19191 TCP FW1_uaa Check point OPSEC User Authority API
65524 FW1_sds_logon_NG Secure Client Distribution Server Protocol (VC and Higher)

Check Point General Common Ports

PORT TYPE SERVICE DESCRIPTION
257 tcp FireWall-1 log transfer
18208 tcp CPRID (SmartUpdate)
18190 tcp SmartDashboard to SCS
18191 tcp SCS to FW-1 gateway for policy install
18192 tcp SCS monitoring of firewalls (SmartView Status)

Check Point SIC Ports

PORT TYPE SERVICE DESCRIPTION
18209 tcp NGX Gateways <> ICAs (status, issue, or revoke).
18210 tcp Pulls Certificates from an ICA.
18211 tcp Used by the cpd daemon (on the gateway) to receive Certificates.

Check Point Authentication Ports

PORT TYPE SERVICE DESCRIPTION
259 tcp Client Authentication (Telnet)
900 tcp Client Authentication (HTTP)

Tagged as: , ,

{ 1 comment… read it below or add one }

Rich Blais November 10, 2011 at 8:41 pm

James!

Nice website. I was hunting around the web to find a complete list of open ports used on Check Point firewalls and I found your site. Looks good!

A customer ran a netstat -a on their firewall and gave me a list of ports they are trying to identify (50k – 60k range). I’m thinking this may be normally traffic allowed by the rules of the firewall.

Hope you’re doing well. Take care.
Rich Blais
PS Consultant and Check Point Instructor.

Reply

Leave a Comment

Previous post:

Next post: