Check Point VPN-1/FireWall-1

TCP and UDP Ports used by Version 4.x 


AERAsec Network Services and Security GmbH


This table gives a short description of the TCP and UDP ports used by Check Point VPN-1/FireWall-1 4.x

This version is still using more ports, e.g. those for LDAP. The ports listed are specific for a Check Point VPN-1/FireWall-1 4.x.
Ports used by Check Point Next Generation you find here.

Port No. Name Short description
256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
- Download of rulebase from MM to FWM
- Fetching rulebase from FWM to MM when starting
- Exchange of CA- and DH-keys between MM's for SKIP and FWZ (4.0)
- Download of public keys and topology by SR (build 4005 and before)
257 /tcp FW1_log Check Point VPN-1 & FireWall-1 Logs
- Protocol used for transferring Logs between FWM and MM
258 /tcp FW1_mgmt Check Point VPN-1 & FireWall-1 Management
- Protocol for communication between GUI and MM
259 /tcp FW1_clntauth
FW1_clntauth_telnet
Check Point VPN-1 & FireWall-1 Client Authentication (Telnet)
- Protocol for performing Client-Authentication at FWM using telnet
259 /udp RDP Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol
- Protocol used for FWZ VPN
260 /udp FW1_snmp Check Point VPN-1 & FireWall-1 SNMP Agent
- Check Point's SNMP, used additionally to 161/udp (snmp)
261 /tcp FW1_snauth Check Point VPN-1 & FireWall-1 Session Authentication
Protocol used for Session Authentication between FWM and SAA
264 /tcp FW1_topo Check Point VPN-1 SecuRemote Topology Requests
- Protocol used for Topology Download by SR (build 4100 and higher), SCl
265 /tcp FW1_key Check Point VPN-1 Public Key Transfer Protocol
- Protocol for exchanging CA- and DH-keys between MM's (SKIP, FWZ (4.1))
- Public Key download for SR/SCl
900 /tcp  FW1_clntauth_http Check Point VPN-1 & FireWall-1 Client Authentication (HTTP)
- Protocol for performing Client-Authentication at FWM using HTTP
18181 /tcp FW1_cvp Check Point OPSEC Content Vectoring Protocol
- Protocol used for communication between FWM and AntiVirus Server
18182 /tcp FW1_ufp Check Point OPSEC URL Filtering Protocol
- Protocol used for communication between FWM and Server for Content Control (e.g. Web Content)
18183 /tcp FW1_sam Check Point OPSEC Suspicious Activity Monitor API
- Protocol e.g. for Block Intruder between MM and FWM
18184 /tcp FW1_lea Check Point OPSEC Log Export API
- Protocol for exporting logs from MM
18185 /tcp FW1_omi Check Point OPSEC Objects Management Interface
Protocol used by applications having access to the ruleset saved at MM
18187 /tcp FW1_ela Check Point Event Logging API
- Protocol used by applications delivering logs to MM
18207 /tcp FW1_pslogon Check Point Policy Server Logon protocol
- Protocol used for download of Desktop Security from PS to SCl

Shortcuts

FWM  Firewall Module, Inspection Module, Enforcement Point, also SecuRemote Server
GUI Rulebase Editor, Graphical User Interface, Management Client, Policy Editor
MM Management Module, Management Server
PS Policy Server
SAA Session Authentication Agent
SR SecuRemote Client
SCl SecureClient

No warranty at all, your Feedback is welcome!
© 2002-2013 AERAsec Network Services and Security GmbH, last change 2002-07-25
back to http://www.vpn-1.de