This version uses further ports as well, e.g. those for LDAP. The ports listed
are specific to Check Point VPN-1/FireWall-1 4.x.
Ports used by Check Point Next Generation are listed here.
| Port No. | Name | Short description |
| --- | --- | --- |
| 256 /tcp | FW1 | Check Point VPN-1 & FireWall-1 Service - Download of rulebase from MM to FWM - Fetching rulebase from FWM to MM when starting - Exchange of CA- and DH-keys between MM's for SKIP and FWZ (4.0) - Download of public keys and topology by SR (build 4005 and before) |
| 257 /tcp | FW1_log | Check Point VPN-1 & FireWall-1 Logs - Protocol used for transferring Logs between FWM and MM |
| 258 /tcp | FW1_mgmt | Check Point VPN-1 & FireWall-1 Management - Protocol for communication between GUI and MM |
| 259 /tcp | FW1_clntauth FW1_clntauth_telnet | Check Point VPN-1 & FireWall-1 Client Authentication (Telnet) - Protocol for performing Client-Authentication at FWM using telnet |
| 259 /udp | RDP | Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol - Protocol used for FWZ VPN |
| 260 /udp | FW1_snmp | Check Point VPN-1 & FireWall-1 SNMP Agent - Check Point's SNMP, used additionally to 161/udp (snmp) |
| 261 /tcp | FW1_snauth | Check Point VPN-1 & FireWall-1 Session Authentication - Protocol used for Session Authentication between FWM and SAA |
| 264 /tcp | FW1_topo | Check Point VPN-1 SecuRemote Topology Requests - Protocol used for Topology Download by SR (build 4100 and higher), SCl |
| 265 /tcp | FW1_key | Check Point VPN-1 Public Key Transfer Protocol - Protocol for exchanging CA- and DH-keys between MM's (SKIP, FWZ (4.1)) - Public Key download for SR/SCl |
| 900 /tcp | FW1_clntauth_http | Check Point VPN-1 & FireWall-1 Client Authentication (HTTP) - Protocol for performing Client-Authentication at FWM using HTTP |
| 18181 /tcp | FW1_cvp | Check Point OPSEC Content Vectoring Protocol - Protocol used for communication between FWM and AntiVirus Server |
| 18182 /tcp | FW1_ufp | Check Point OPSEC URL Filtering Protocol - Protocol used for communication between FWM and Server for Content Control (e.g. Web Content) |
| 18183 /tcp | FW1_sam | Check Point OPSEC Suspicious Activity Monitor API - Protocol e.g. for Block Intruder between MM and FWM |
| 18184 /tcp | FW1_lea | Check Point OPSEC Log Export API - Protocol for exporting logs from MM |
| 18185 /tcp | FW1_omi | Check Point OPSEC Objects Management Interface - Protocol used by applications having access to the ruleset saved at MM |
| 18187 /tcp | FW1_ela | Check Point Event Logging API - Protocol used by applications delivering logs to MM |
| 18207 /tcp | FW1_pslogon | Check Point Policy Server Logon protocol - Protocol used for download of Desktop Security from PS to SCl |

Shortcuts

| Shortcut | Meaning |
| --- | --- |
| FWM | Firewall Module, Inspection Module, Enforcement Point, also SecuRemote Server |
| GUI | Rulebase Editor, Graphical User Interface, Management Client, Policy Editor |
| MM | Management Module, Management Server |
| PS | Policy Server |
| SAA | Session Authentication Agent |
| SR | SecuRemote Client |
| SCl | SecureClient |

No warranty at all; your feedback is welcome!

© 2002-2008 AERAsec Network Services and Security GmbH, last change 2002-07-25