Solved: Re: R8x Ports Used for Communication by Various Ch... - Page 11

HeikoAnkenbrand · ‎2018-03-01

Introduction

This drawing should give you an overview of the used R80, R81 ports respectively communication flows. It should give you an overview of how different Check Point modules communicate with each other. Furthermore, services that are used for firewall operation are also considered. These firewall services are also partially mapped as implied rules in the set on the firewall.

Overview

Download PDF

Download R8x:
R8x Ports Used for Communication PDF

SmartConsole Extention

New!

Now I have developed a SmartConsole Extension so that you can view the overview directly in the SmartConsole.
In the Access Policy section in the upper area, there is a tab called "Ports for Modules". More infos here.

Extension URL: https://www.ankenbrand24.de/ex/ports.json

References

Support Center: Ports used by Check Point software

Versions

Version 2.2:
+ v2.2a R82 + R82.10 update 01/28/2026

Version 2.1:
+ v2.1c  all new R82 ports + two bugs fixed   10/20/2025
+ v2.1b all new R82 ports (IA + RA VPN ikev2)            10/29/2024
+ v2.1a all new R81.20 ports (Cloudguard + VPN + ClusterXL)           07/15/2024

old Version 2.0:
+ v2.0f new! now with SmartConsole Extension                                02/13/2023
+ v2.0e add LOM port 2048                                                                       01/31/2023
+ v2.0d add LOM ports                                                           01/23/2023
+ v2.0c new colors + design                                                                      01/22/2023
+ v2.0b best mistake 🙂 SmartDashboard versus SmartConsole     01/22/2023
+ v2.0a correct names : SMS, MDS, SmartConsole, ...                          01/21/2023

old Version 1.9:
+ v1.9a add port 443 cloud CME 19.03.2022
+ v1.9b fix port issue 442 cloud CME 22.03.2022

old Version 1.8:
+ v1.8a R81.10 EA update 04.05.2021
+ v1.8b add port 18264 30.05.2021
+ v1.8c R81.10 upgrade 28.07.2021

old Version 1.7:
+ v1.7a R81 EA update 17.07.2021
+ v1.7b bug fix 20.08.2021
+ v1.7c bug fix + new download link 25.06.2021

old Version 1.6:
+ v1.6a add Azure ports 05.05.2020
+ v1.6b add all cloud ports 15.06.2020

old Version 1.5:
+ v1.5a typos corrected 18.09.2019
+ v1.5b port update 26.01.2020

old version 1.4:
+ v1.4a bug fix, update port 1701 udp L2TP 09.04.2018
+ v1.4b bug fix 15.04.2018
+ v1.4c CPUSE update 17.04.2018
+ v1.4d legend fixed 17.04.2018
+ v1.4e add SmartLog and SmartView on port 443 20.04.2018
+ v1.4f bug fix 21.05.2018
+ v1.4g bug fix 25.05.2018
+ v1.4h add Backup ports 21, 22, 69 UDP and ClusterXL full sync port 256 30.05.2018
+ v1.4i add port 259 udp VPN link probeing 12.06.2018
+ v1.4j bug fix 17.06.2018
+ v1.4k add OSPF/BGP route Sync 25.06.2018
+ v1.4l bug fix routed 29.06.2018
+ v1.4m bug fix tcp/udp ports 03.07.2018
+ v1.4n add port 256 13.07.2018
+ v1.4o bug fix / add TE ports 27.11.2018
+ v1.4p bug fix routed port 2010 23.01.2019
+ v1.4q change to new forum format 16.03.2019

old version 1.3:
+ v1.3a new designe (blue, gray), bug fix, add netflow, new names 27.03.2018
+ v1.3b add routing ports, bug fix designe 28.03.2018
+ v1.3c bug fix, rename ports (old) 29.03.2018
+ v1.3d bug fix 30.03.2018
+ v1.3e fix issue L2TP UDP port 1701

old version 1.1:
+ v1.1a - added r80.xx ports 16.03.2018
+ v1.1b - bug in drawing fixed 17.03.2018
+ v1.1c - add RSA, TACACS, Radius 19.03.2018
+ v1.1d - add 900, 259 Client-auth - deleted od 4.0 ports 20.03.2018
+ v1.1e - add OPSEC -delete R55 ports 21.03.2018
+ v1.1f - bug fix 22.03.2018
+ v1.1g - bug fix - add mail smtp -add dhcp - add snmp 25.03.2018

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Daniel_Kuhl1 · ‎2024-09-26

@HeikoAnkenbrand I don't remember how often I used this overview myself and forward the link to customers as it is so useful! 😊 Thanks again for creating it and keeping it up to date.

Maybe I should post anytime I'm using it. 😂

otto_w · ‎2024-10-28

top

FirewallXL · ‎2024-10-29

very nice

HeikoAnkenbrand · ‎2024-10-29

Now with R82 ports.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Daniel_Kuhl1 · ‎2024-10-30

Hey @HeikoAnkenbrand, would it make sense to add TCP/8211 for connections between MDSM Server and Log Server used by SOLR? Recently I stumbled over this one and couldn't find it on the diagram. 😊

HeikoAnkenbrand · ‎2024-10-30

Hi @Daniel_Kuhl1,

THX, I will change it in the next verion.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Daniel_Kuhl1 · ‎2024-10-30

Great, thanks!

genisis__ · ‎2025-03-01

Could the pdf link be updated please?

jo_dolowsk · ‎2024-11-01

Hi @HeikoAnkenbrand

Very helpful overview of used ports.

Max_FL · ‎2024-11-06

Thanks for the R82 upgrade.
Nice job.

hanni · ‎2025-03-01

nice

Lars_Roerll · ‎2025-09-01

nice

Ingard · ‎2025-10-15

top

HeikoAnkenbrand · ‎2025-10-20

Two bugs fixed.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

JamalR · ‎2025-10-29

Very, very nice!

Sven_Ott · ‎2025-10-30

ClusterXL uses port 8117 with CloudGuard. Could you please add this?

HeikoAnkenbrand · ‎2025-10-31

Port 8117 has been integrated since version 2.0b.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

genisis__

Not sure if this would be worth adding, but I've noted on Quantum Spark, in the WEBUI, you can connect to the CLI, this actually initiates a new connection from the client to the GW on port TCP/5555 (SSH based connection) by default to the Spark appliance (seen in R81.10 and R82.00.10). This does not seem to be documented anywhere other the a SK to change this default port.

I've been told that this was used internally in Checkpoint but they left it in place.

dt7 · ‎2025-11-02

Hello, how to get the 2.1c file? The link still points to 2.1a and modifying the URL does not lead anywhere 🙂

Thank you.

DavideAbrigo

Hello,

were you able to download 2.1c? I would also like to get the updated version.

Thanks,
Davide

dt7

Hello, nope.. not sure how to get it.

juergen_wollert

Nice overview!

Are you a member of CheckMates?

R8x Ports Used for Communication by Various Check Point Modules (new version 2.1)