|
Service |
Protocol |
Port |
Outbound/Inbound |
Function |
|---|---|---|---|---|
|
Web console |
TCP |
8010 |
Inbound (to the UserGate Management Center web console) |
Access to device management web interface. |
|
TCP |
8300 |
Inbound (to the web console of a UserGate NGFW connected to UGMC) |
Access to the web management interface of a UserGate NGFW connected to UGMC. |
|
|
CLI over SSH |
TCP |
2200 |
Inbound (to CLI over SSH) |
Access to the UserGate command line interface (CLI) over SSH. |
|
XML-RPC |
TCP |
4041 |
Inbound (to UserGate via API) |
UserGate device management via API. |
|
Remote assistance |
TCP |
22 |
Outbound (to technical support servers) |
Remote access to a technical support server. Access to servers:
|
|
NTP |
UDP |
123 |
Outbound (to a time server) |
Time synchronization. |
|
DNS |
UDP |
53 |
Outbound (from UserGate to a DNS server) |
The service that resolves domain names into IP addresses. |
|
UserGate server registration |
TCP |
443 |
Outbound (to the registration server) |
Access to the UserGate product registration server (reg2.usergate.com). |
|
Software and library updates |
TCP |
443 |
Outbound (to update servers) |
Update software and library items: access to static.entensys.com, updates.usergate.com. |
|
Replicate settings |
TCP |
4369 |
Inbound (from the first cluster node to the second and subsequent nodes) |
The service is required for the configuration cluster to work. Install a control connection. |
|
9000-9100 |
Inbound (receive configuration from the first cluster node) |
Transmit information about cluster configuration changes (replicate settings). |
||
|
UserGate Management Center service |
TCP |
9712 |
Inbound (to UGMC from NGFW and LogAn) |
Initial communication setup and encryption key exchange between the managed devices and the UserGate Management Center server. |
|
2022 |
Inbound (to UGMC from NGFW and LogAn) |
Build an SSH tunnel to exchange data using the received keys. |
||
|
LDAP |
TCP |
389, 636 |
Outbound (to LDAP connector) |
Execute LDAP requests (389 for LDAP and 636 for LDAP over SSL). |
|
RADIUS |
UDP |
1812 |
Outbound (to a RADIUS authentication server) |
User authentication via the RADIUS protocol. |
|
TACACS+ |
TCP |
49 |
Outbound (to a TACACS+ authentication server) |
Authentication of users via the TACACS+ protocol. |
|
SNMP |
UDP |
161 |
Inbound (to UserGate) |
Access to the UserGate server via SNMP. |
|
SMTP |
TCP |
25 |
Outbound (to a mail server) |
Send alerts to email. |
|
DHCP |
UDP |
67, 68 |
Outbound (IP address request from UserGate to a DHCP server) |
DHCP services. |
|
FTP (logs export) |
TCP |
21 |
Outbound (to an FTP server) |
Export logs to an FTP server. |
|
SSH (logs export) |
TCP |
22 |
Outbound (to an SSH server) |
Export logs to an SSH server. |
|
Syslog (logs export) |
TCP/UDP |
514 |
Outbound (to the Syslog server) |
Export logs to a Syslog server. |