Checkpoint firewall Ports

Port No. Name in Service Manager Short description

256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service
257 /tcp FW1_log Check Point VPN-1 & FireWall-1 Logs
258 /tcp FW1_mgmt Check Point VPN-1 & FireWall-1 Management (Version 4.x,
obsolete)
259 /tcp FW1_clntauth
259 /udp RDP Check Point VPN-1 FWZ Key Negotiations Reliable Datagram
Protocol
260 /udp FW1_snmp Check Point VPN-1 & FireWall-1 SNMP Agent
261 /tcp FW1_snauth Check Point VPN-1 & FireWall-1 Session Authentication
262 /tcp not predefined only internally used by Mail Dequerer (process: mdq)
264 /tcp FW1_topo Check Point VPN-1 SecuRemote Topology Requests
265 /tcp FW1_key Check Point VPN-1 Public Key Transfer Protocol
900 /tcp FW1_clntauth
981 /tcp not predefined Check Point VPN-1 Edge remote administration from
external using HTTPS
2746 /udp VPN1_IPSEC_encapsulation Check Point VPN-1 SecuRemote IPSEC
Transport Encapsulation Protocol
4532 / tcp not predefined only internally used by Session Authentication
(in.asessiond)
5004 /udp MetaIP-UAT Check Point Meta IP UAM Client-Server Communication
8116 /udp not predefined Check Point Cluster Control Protocol
8989 / tcp not predefined only internally used by CMA for Messaging (process: cpd)
9281 /udp SWTP_Gateway VPN-1 Embedded / SofaWare commands
9282 /udp SWTP_SMS VPN-1 Embedded / SofaWare Management Server (SMS)

18181 /tcp FW1_cvp Check Point OPSEC Content Vectoring Protocol

18182 /tcp FW1_ufp Check Point OPSEC URL Filtering Protocol
18183 /tcp FW1_sam Check Point OPSEC Suspicious Activity Monitor API
18184 /tcp FW1_lea Check Point OPSEC Log Export API
18185 /tcp FW1_omi Check Point OPSEC Objects Management Interface
18186 /tcp FW1_omi-sic Check Point OPSEC Objects Management Interface with SIC
18187 /tcp FW1_ela Check Point OPSEC Event Logging API
18190 /tcp CPMI Check Point Management Interface
18191 /tcp CPD Check Point Daemon Protocol
18192 /tcp CPD_amon Check Point Internal Application Monitoring
18193 /tcp FW1_amon Check Point OPSEC Application Monitoring
18202 /tcp CP_rtm Check Point RTM Log
18205 /tcp CP_reporting Check Point Reporting client
18207 /tcp FW1_pslogon Check Point Policy Server Logon protocol
18208 /tcp FW1_CPRID Check Point Remote Installation Protocol
18209 /tcp not predefined Protocol used in SIC for communication between FWM and
ICA (status, issue, revoke)
18210 /tcp FW1_ica_pull Check Point Internal CA Pull Certificate Service
18211 /tcp FW1_ica_push Check Point Internal CA Push Certificate Service
18212 /udp FW1_load_agent Check Point ConnectControl Load Agent
18221 /tcp CP_redundant Check Point Redundant Management Protocol
18231 /tcp FW1_pslogon_NG Check Point NG Policy Server Logon protocol (NG)
18232 /tcp FW1_sds_logon Check Point SecuRemote Distribution Server Protocol

18233 /udp FW1_scv_keep_alive Check Point SecureClient Verification KeepAlive

Protocol
18234 /udp tunnel_test Check Point tunnel testing application
18241 /udp E2ECP Check Point End to End Control Protocol
18262 /tcp CP_Exnet_PK Check Point Extrnet public key advertisement
18263 /tcp CP_Exnet_resolve Check Point Extranet remote objects resolution
18264 /tcp FW1_ica_services Check Point Internal CA Fetch CRL and User
Registration Services
18265/tcp FW1_ica_mgmt_tools Check Point Internal CA Management Tools
19190 /tcp FW1_netso Check Point User Authority simple protocol
19191 /tcp FW1_uaa Check Point OPSEC User Authority API
19194 /udp CP_SecureAgent-udp SecureAgent Authentication service
19195 /udp CP_SecureAgent-udp SecureAgent Authentication service
60709 / tcp not predefined Internally used by SecurePlatform for web based system
administration (process: cpwmd). Its bound to localhost, so no remote connect is
possible.
65524 /tcp FW1_sds_logon_NG Check Point SecuRemote Distribution Server Protocol