Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Networks_Team_B
Participant
Jump to solution

Port 18192

What does Port 18192 do exactly?

I can see traffic every minute from our secondary management server to a few of our gateways (on port 18192)

I can see that they have a 'lost' status, but it doesn't appear to be SIC related. 

Is it something like certain config not being exported/imported properly? 

What can we do to stop this please

Many thanks 

0 Kudos
2 Solutions

Accepted Solutions
Tal_Paz-Fridman
Employee
Employee

It is for the CPD AMON (Application Monitoring):

Check Point internal Application Monitoring (AMON) connections between Security Gateway and Management Server / SmartReporter Server / SmartEvent Server (CPD daemon)

 

Ports used by Check Point software:

https://support.checkpoint.com/results/sk/sk52421 

 

So basically used to deliver monitoring information from the remote machines to the Security Management Server. 

Because the Security Gateways are also aware of the Secondary Management Server as a "Management" they try to deliver status information.

View solution in original post

Lesley
Leader Leader
Leader

Backup management does not run the cpstat_monitor process (only active unit).

As stated in: https://support.checkpoint.com/results/sk/sk35278

This process is used for information in Smartview Monitor, I think that is why you have lost status.

You can test it to make the stand-by unit active and see if then the issue gone.

Regarding the 18192 port this is required to be allowed:

CP 18192 CPD_amon - Check Point Internal Application Monitoring Check Point internal Application Monitoring (AMON) connections between Security Gateway and Management Server / SmartReporter Server / SmartEvent Server (CPD daemon)
-------
If you like this post please give a thumbs up(kudo)! 🙂

View solution in original post

3 Replies
Tal_Paz-Fridman
Employee
Employee

It is for the CPD AMON (Application Monitoring):

Check Point internal Application Monitoring (AMON) connections between Security Gateway and Management Server / SmartReporter Server / SmartEvent Server (CPD daemon)

 

Ports used by Check Point software:

https://support.checkpoint.com/results/sk/sk52421 

 

So basically used to deliver monitoring information from the remote machines to the Security Management Server. 

Because the Security Gateways are also aware of the Secondary Management Server as a "Management" they try to deliver status information.

Lesley
Leader Leader
Leader

Backup management does not run the cpstat_monitor process (only active unit).

As stated in: https://support.checkpoint.com/results/sk/sk35278

This process is used for information in Smartview Monitor, I think that is why you have lost status.

You can test it to make the stand-by unit active and see if then the issue gone.

Regarding the 18192 port this is required to be allowed:

CP 18192 CPD_amon - Check Point Internal Application Monitoring Check Point internal Application Monitoring (AMON) connections between Security Gateway and Management Server / SmartReporter Server / SmartEvent Server (CPD daemon)
-------
If you like this post please give a thumbs up(kudo)! 🙂
the_rock
Legend
Legend

You definitely got the right answers. The sk @Tal_Paz-Fridman provided is probably the best reference.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events