Support Center > Search Results > SecureKnowledge Details
Security Management Portal (SMP) active ports
Solution

The tables below list all active Security Management Portal (SMP) ports.

These ports should be opened on any firewall that is protecting the SMP server, either a physical firewall or the Windows Firewall running on the server.
In addition, if the SMP server is hidden behind NAT, then port forwarding must be defined for these ports.

If the managed appliance is behind a firewall, then the same ports must be opened in the reverse direction.

Incoming Ports (from Gateway to the SMP)

Protocol Port
Number
SmartDashboard
predefined
service
Purpose
TCP 53 domain-tcp DNS
TCP 80 http Redirect to port 443
UDP 256 FW1 Download certificate
TCP 257 FW1_log Log upload
TCP 443 ssl_v3 HTTPS traffic to SMP WebUI
TCP 514 syslog Syslog upload
TCP 9282 SWTP_SMS SMS DDNS requests
TCP 18191 CPD
  • SIC
  • Receiving Push actions from SMP
TCP 18192 CPD_amon
  • SIC
  • Application Monitoring (AMON) connections
TCP 18210 FW1_ica_pull Pulling certificates by Security Gateway from Security Management Sever
TCP 18211 FW1_ica_push Pushing certificates from the Internal Certificate Authority (ICA) on Security Management Sever to Security Gateway
TCP 18264 FW1_ica_services Connections to Management Server for Certificate Revocation Lists (CRLs)

 

Outgoing Ports (from the SMP to the Gateway)

Protocol Port SmartDashboard
predefined
service
Purpose
TCP 4434 N/A Check Point Appliance WebUI
TCP 18191 CPD Receive commands from SMP

 

Ports between multiple SMP servers (primary, secondary and JMLS servers)

Protocol Port Purpose
TCP 18184 Exporting Firewall logs by OPSEC products from the Security Management Server
TCP 18209 SIC between Security Management Server and the managed objects
TCP 18211 Pushing certificates from the Internal Certificate Authority (ICA) on Security Management Server

 

Related solutions:

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment