Security Gateway communication ports
TCP Port 256 is used for:
- Exchange of CA and DH keys in FWZ and skip encryption between two Security Management servers.
- To fetch the network topology and encryption keys from a Security Management server.
- Security Management server uses this port to push the Security policy to the remote gateway.
TCP Port 257 is used for logging purposes.
TCP Port 258 is used by the remote GUI.
TCP Port 259 is used for Client Authentication.
UDP Port 259 is used in FWZ encryption to manage the encrypted session.
UDP Port 260 and UDP Port 261 are used for the SNMP daemon.
TCP Port 262 is used by netsod, which is the Single Sign-on Daemon.
TCP Port 264 is used by Secure Client to fetch the network topology and encryption keys from Security Management server. Security Gateway only listens to this port on a Security Management server.
UDP Port 500 is used for IKE negotiations.
TCP Port 900 is used by Client Authentication via HTTP.
TCP Port 4532 is used by the Session Authentication agent.
TCP Port 18181 is used for CVP (Content Vectoring Protocol). Security Gateway does not listen on this port.
TCP Port 18182 is used for UFP (URL Filtering Protocol). Security Gateway does not listen on this port.
TCP Port 18183 is used for SAM (Suspicious Activity Monitoring).
TCP Port 18184 is used for Log Export API (LEA).
TCP Port 18190 (CPMI) is used by FWM process to listen for SmartConsole attempting to connect to the Security Management server.
TCP Port 18191 (CPD) is used by the CPD process for communications such as Security policy installation, certificate revocation and status queries.
TCP Port 18192 (CPD_amon) is used by the CPD process for the Application Monitoring.
TCP Port 18196 is used for CPEPS which is part of User Monitor.
TCP Port 18207 is used by polsrvd, which is the Single Sign-on Daemon.
TCP Port 18210 (FW1_ica_pull): The CPD process, on the Security Management server, is listening on TCP port 18210 for certificates to be "pulled" by a gateway from a Security Management server.
TCP Port 18211 (FW1_ica_push): The Check Point Daemon (CPD) process, running on the gateway, listens on this port for the certificate creation and to "push" the certificate to the gateway from the Security Management server.