Port No. Name in Service Manager Short description
256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service 257 /tcp FW1_log Check Point VPN-1 & FireWall-1 Logs 258 /tcp FW1_mgmt Check Point VPN-1 & FireWall-1 Management (Version 4.x, obsolete) 259 /tcp FW1_clntauth 259 /udp RDP Check Point VPN-1 FWZ Key Negotiations Reliable Datagram Protocol 260 /udp FW1_snmp Check Point VPN-1 & FireWall-1 SNMP Agent 261 /tcp FW1_snauth Check Point VPN-1 & FireWall-1 Session Authentication 262 /tcp not predefined only internally used by Mail Dequerer (process: mdq) 264 /tcp FW1_topo Check Point VPN-1 SecuRemote Topology Requests 265 /tcp FW1_key Check Point VPN-1 Public Key Transfer Protocol 900 /tcp FW1_clntauth 981 /tcp not predefined Check Point VPN-1 Edge remote administration from external using HTTPS 2746 /udp VPN1_IPSEC_encapsulation Check Point VPN-1 SecuRemote IPSEC Transport Encapsulation Protocol 4532 / tcp not predefined only internally used by Session Authentication (in.asessiond) 5004 /udp MetaIP-UAT Check Point Meta IP UAM Client-Server Communication 8116 /udp not predefined Check Point Cluster Control Protocol 8989 / tcp not predefined only internally used by CMA for Messaging (process: cpd) 9281 /udp SWTP_Gateway VPN-1 Embedded / SofaWare commands 9282 /udp SWTP_SMS VPN-1 Embedded / SofaWare Management Server (SMS)
18181 /tcp FW1_cvp Check Point OPSEC Content Vectoring Protocol
18182 /tcp FW1_ufp Check Point OPSEC URL Filtering Protocol 18183 /tcp FW1_sam Check Point OPSEC Suspicious Activity Monitor API 18184 /tcp FW1_lea Check Point OPSEC Log Export API 18185 /tcp FW1_omi Check Point OPSEC Objects Management Interface 18186 /tcp FW1_omi-sic Check Point OPSEC Objects Management Interface with SIC 18187 /tcp FW1_ela Check Point OPSEC Event Logging API 18190 /tcp CPMI Check Point Management Interface 18191 /tcp CPD Check Point Daemon Protocol 18192 /tcp CPD_amon Check Point Internal Application Monitoring 18193 /tcp FW1_amon Check Point OPSEC Application Monitoring 18202 /tcp CP_rtm Check Point RTM Log 18205 /tcp CP_reporting Check Point Reporting client 18207 /tcp FW1_pslogon Check Point Policy Server Logon protocol 18208 /tcp FW1_CPRID Check Point Remote Installation Protocol 18209 /tcp not predefined Protocol used in SIC for communication between FWM and ICA (status, issue, revoke) 18210 /tcp FW1_ica_pull Check Point Internal CA Pull Certificate Service 18211 /tcp FW1_ica_push Check Point Internal CA Push Certificate Service 18212 /udp FW1_load_agent Check Point ConnectControl Load Agent 18221 /tcp CP_redundant Check Point Redundant Management Protocol 18231 /tcp FW1_pslogon_NG Check Point NG Policy Server Logon protocol (NG) 18232 /tcp FW1_sds_logon Check Point SecuRemote Distribution Server Protocol
18233 /udp FW1_scv_keep_alive Check Point SecureClient Verification KeepAlive
Protocol 18234 /udp tunnel_test Check Point tunnel testing application 18241 /udp E2ECP Check Point End to End Control Protocol 18262 /tcp CP_Exnet_PK Check Point Extrnet public key advertisement 18263 /tcp CP_Exnet_resolve Check Point Extranet remote objects resolution 18264 /tcp FW1_ica_services Check Point Internal CA Fetch CRL and User Registration Services 18265/tcp FW1_ica_mgmt_tools Check Point Internal CA Management Tools 19190 /tcp FW1_netso Check Point User Authority simple protocol 19191 /tcp FW1_uaa Check Point OPSEC User Authority API 19194 /udp CP_SecureAgent-udp SecureAgent Authentication service 19195 /udp CP_SecureAgent-udp SecureAgent Authentication service 60709 / tcp not predefined Internally used by SecurePlatform for web based system administration (process: cpwmd). Its bound to localhost, so no remote connect is possible. 65524 /tcp FW1_sds_logon_NG Check Point SecuRemote Distribution Server Protocol