PORT |
TYPE |
SERVICE DESCRIPTION |
21 |
TCP |
ftp File transfer Protocol (control) |
21 |
UDP |
ftp File transfer Protocol (control) |
22 |
Both |
ssh SSH remote login |
25 |
both |
SMTP Simple Mail transfer Protocol |
50 |
|
Encryption IP protocols esp – IPSEC Encapsulation Security Payload |
51 |
|
Encryption IP protocols ah – IPSEC Authentication Header Protocol |
53 |
Both |
Domain Name Server |
69 |
Both |
TFTP Trivial File Transfer Protocol |
94 |
TCP |
Encryption IP protocols fwz_encapsulation (FW1_Eencapsulation) |
137 |
Both |
Netbios-ns NETBIOS Name Service |
138 |
Both |
netbios-dgm NETBIOS Datagram |
139 |
Both |
netbios-ssn NETBIOS Session |
256 |
TCP |
FW1 (fwd) policy install port FWD_SVC_PORT |
257 |
TCP |
FW1_log FW1_log FWD_LOG_PORT |
258 |
TCP |
FW1_mgmt FWM_SSVVC_PORT |
259 |
TCP |
FW1_clientauth_telnet |
259 |
UDP |
RDP Reliable Datagram Protocol |
260 |
TCP |
sync |
260 |
UDP |
FW1_snmp FWD_SNMP_PORT |
261 |
TCP |
FW1_snauth Session Authentication Daemon |
262 |
TCP |
MDQ – mail dequer |
263 |
TCP |
dbs |
264 |
TCP |
FW1_topop Check Point SecureClient Topology Requests |
265 |
TCP |
FW1_key Check Point VPN-1 Public key transfer protocol |
389 |
Both |
LDAP Secure Client connecting to LDAP without SSL |
443 |
|
SNX VPN can use 443 too |
444 |
TCP |
SNX VPN SNX VPN tunnel in connectra only |
500 |
UDP |
IPSEC IKE Protocol (formerly ISAKMP/Oakley) |
500 |
TCP |
IKE over TCP |
500 |
UDP |
ISAKMPD_SPORT & ISAKMPD_DPORT |
514 |
UDP |
Syslog Syslog |
636 |
|
LDAP Secure Client connecting to LDAP with SSL |
900 |
TCP |
FW1_clntauth_http Client Authentication Daemon |
981 |
|
Management https on the edge |
1247 |
|
|
1494 |
TCP |
Winframe Citrix |
1645 |
TCP |
Radius |
1719 |
UDP |
VOIP |
1720 |
TCP |
VOIP |
2040 |
TCP |
MIP meta Ip admin server |
2746 |
UDP |
UDP encapsualtion for SR VPN1_IPSEC_encapsulation VPN1_IPSEC encapsulation |
2746 |
TCP |
CPUDPENCap |
4000 |
|
Policy Server Port (Redmond) |
4433 |
TCP |
Connectra Admin HTTPS Connectra admin port |
4500 |
UDP |
NAT-T NAT Traversal |
4532 |
TCP |
SNDAEMON_PORT sn_auth_trap: sn_auth daemon Sec.Serv comm, |
5001 |
TCP |
Meta IP Web Connection, MIP |
5002 |
TCP |
Meta IP DHCP Failover |
5004 |
TCP |
Meta IP UAM |
5005 |
TCP |
Meta IP SMC |
6969 |
UDP |
KP_PORT KeyProt |
8116 |
UDP |
Check Point HA SyncMode= CPHAP (new sync mode) |
8116 |
UDP |
Connection table synchronization between firewalls |
8989 |
TCP |
CPIS Messaging MSG_DEFAULT_PORT |
8998 |
TCP |
MDS_SERVER_PORT |
9000 |
|
Command Line Port for Secure Client |
10001 |
TCP |
Default CPRSM listener port for coms with RealSecure Console |
18181 |
TCP |
FW1_cvp Check Point OPSEC Content Vectoring Protocol |
18182 |
TCP |
FW1_ufp Check Point OPSEC URL Filtering Protocol |
18183 |
TCP |
FW1_sam Check Point OPSEC Suspicious Activity monitoring Proto (SAM API) |
18184 |
TCP |
FW1_lea Check Point OPSEC Log Export API |
18185 |
TCP |
FW1_omi Check Point OPSEC Objects Management Interface |
18186 |
TCP |
FW1_omi-sic Check Point OPSEC Objects management Interface with Secure Internal Communication |
18187 |
TCP |
FW1_ela Check Point OPSEC Event Loging API |
18190 |
TCP |
CPMI Check Point Management Interface |
18191 |
TCP |
CPD Check Point Daemon Proto NG |
18192 |
TCP |
CPD_amon Check Point Internal Application Monitoring NG |
18193 |
TCP |
FW1_amon Check Point OPSEC Appication Monitoring NG |
18201 |
TCP |
FGD_SVC_PORT |
18202 |
TCP |
CP_rtm Check Point Real time Monitoring |
18203 |
TCP |
FGD_RTMP_PORT |
18204 |
TCP |
CE communication |
18205 |
TCP |
CP_reporting Check Point Reporting Client Protocol |
18207 |
TCP |
FW1_pslogon Check Point Policy Server logon Protocol |
18208 |
TCP |
FW1_CPRID (SmartUpdate) Check Point remote Installation Protocol |
18209 |
TCP |
FWM CA for establishing SIC communication |
18210 |
TCP |
FW1_ica_pull Check Point Internal CA Pull Certificate Service |
18211 |
TCP |
FW1_ica_pull Check Point Internal CA Push Certificate Service |
18212 |
UDP |
Connect Control – Load Agent port |
18213 |
TCP |
cpinp: inp (admin server) |
18214 |
TCP |
cpsmc: SMC |
18214 |
UDP |
cpsmc: SMC Connectionless |
18221 |
TCP |
CP_redundant Check Point Redundant Management Protocol NG |
18231 |
TCP |
FW1_pslogon_NG Check Point NG Policy Server Logon Protocol |
18231 |
TCP |
NG listens on this port by default dtps.exe |
18232 |
TCP |
FW1_sds_logon Check Point SecuRemote Distribution Server Protocol |
18233 |
UDP |
Check Point SecureClient Verification Keepalive Protocol FW1_scv_keep_alive |
18241 |
UDP |
e2ecp |
18262 |
TCP |
CP_Exnet_PK Check Point Public Key Resolution |
18263 |
TCP |
CP_Exnet_resolve Check Point Extranet remote objects resolution |
18264 |
TCP |
FW1_ica_services Check Point Internal CA Fetch CRL and User Registration Services |
19190 |
TCP |
FW1_netso Check Point OPSEC User Authority Simple Protocol |
19191 |
TCP |
FW1_uaa Check point OPSEC User Authority API |
65524 |
|
FW1_sds_logon_NG Secure Client Distribution Server Protocol (VC and Higher) |
7 replies on “List of Check Point Ports”
James!
Nice website. I was hunting around the web to find a complete list of open ports used on Check Point firewalls and I found your site. Looks good!
A customer ran a netstat -a on their firewall and gave me a list of ports they are trying to identify (50k – 60k range). I’m thinking this may be normally traffic allowed by the rules of the firewall.
Hope you’re doing well. Take care.
Rich Blais
PS Consultant and Check Point Instructor.
HI JAMES. first I have to salute you for operating this site. Bcoz it is very useful to every enthusiastic learners and freshers.
As I am doing my NETWORK SECURITY & DATA PROTECTION UNDER LEVEL 7 in NATIONAL TECHNOLOGY INSTITUTE AUCKLAND-NEWZEALAND.
ALSO DOING STANFORD ONLINE CRYPTOGRAPHY TRAINING.THIS SITE GIVES ME ENERGY WHEN MY MACHINE GOES DOWN.IF FEEL DEPRESSED I WILL OPEN THIS SITE & GO THROUGH THE CERTIFICATIONS YOU HAVE GOT.IT GIVES ME AN ENTHU AGAIN I WILL START MY WORK.I AM VERY MUCH PROUD OF YOU.ALSO MY BEST WISHES FOR U TO ATTAIN CISSP CERTIFICATION ASAP.
I WILL GET TAT.KEEP GOING.U R THE ROLE MODEL FOR ME LIKE YOUNGSTERS WHO ARE LEARNING NETWORK SECURITY.THIS SITE HELPS A LOT TO ACHIEVE THE GOOD POSITION IN SECURITY DOMAIN
THANK YOU
SARAVANAN KERBEROS
thanks for the compliment
Hi James,
I tried severals times to know the IPsec port number now i find it in your website , much appreciated , Thank you.
Subash.A
Glad it helped!
19009 (CPM) is missing
How can enable one of these ports through CLI??