https://community.checkpoint.com/t5/Firewall-and-Security-Management/Ports-18265-18190-19009-are-exposed-via-Internet/m-p/112922#M15725 <P>18190 and 19009 are for SmartConsole, and 18265 is the ICA Tool.<BR />Which suggests this gateway is also a management station (i.e. you've installed it standalone).<BR />That might be...expected behavior.</P> <P>You can disable ICA tool via:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk39915" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk39915</A>&nbsp;<BR />Access to the other two ports should be controlled by GUI clients setting in cpconfig.</P> Wed, 10 Mar 2021 02:41:08 GMT PhoneBoy 2021-03-10T02:41:08Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Ports-18265-18190-19009-are-exposed-via-Internet/m-p/112918#M15723 <P>Hello team,&nbsp;</P><P>&nbsp;</P><P>After a deploy with a new device, we see our WAN interfaz is reachable through these ports:&nbsp;18265, 18190, 19009</P><P>Our device is SG 6200 Gaia R80.30.</P><P>&nbsp;</P><P>In other devices as SG 2200 R77.30 and SG 5100 R80.10 their IP's are not reachable through those ports.</P><P>&nbsp;</P><P>I understand this is normal but only internal communication, not exposed to internet due ICA services, but I'm affiard it could be a vulnerability.</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 10 Mar 2021 00:10:32 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Ports-18265-18190-19009-are-exposed-via-Internet/m-p/112918#M15723 Almal_Luna 2021-03-10T00:10:32Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Ports-18265-18190-19009-are-exposed-via-Internet/m-p/112922#M15725 <P>18190 and 19009 are for SmartConsole, and 18265 is the ICA Tool.<BR />Which suggests this gateway is also a management station (i.e. you've installed it standalone).<BR />That might be...expected behavior.</P> <P>You can disable ICA tool via:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk39915" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk39915</A>&nbsp;<BR />Access to the other two ports should be controlled by GUI clients setting in cpconfig.</P> Wed, 10 Mar 2021 02:41:08 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Ports-18265-18190-19009-are-exposed-via-Internet/m-p/112922#M15725 PhoneBoy 2021-03-10T02:41:08Z