Service |
Protocol |
Port |
Outbound/Inbound |
Function |
---|---|---|---|---|
Web console |
TCP |
8010 |
Inbound (to LogAn web console) |
Access to the management web interface of a device. |
CLI over SSH |
TCP |
2200 |
Inbound (to CLI over SSH) |
Access to the UserGate command line interface (CLI) over SSH. |
XML-RPC |
TCP |
4041 |
Inbound (to UserGate via API) |
UserGate device management via API. |
Remote assistance |
TCP |
22 |
Outbound (to technical support servers) |
Remote access to a technical support server. Access to servers:
|
NTP |
UDP |
123 |
Outbound (to a time server) |
Time synchronization. |
DNS |
UDP |
53 |
Outbound (to DNS servers) |
The service that resolves domain names into IP addresses. |
UserGate server registration |
TCP |
443 |
Outbound (to the registration server) |
Access to the UserGate product registration server (reg2.entensys.com). |
Update software and libraries |
TCP |
443 |
Outbound (to update servers) |
Update software and library items: access to static.entensys.com, updates.usergate.com. |
Communication with UGMC |
TCP |
9712 |
Outbound (from LogAn to UGMC) |
Initial communication and exchange of encryption keys with the UGMC server. |
2022 |
Outbound (from LogAn to UGMC) |
Build an SSH tunnel to exchange data using the received keys. |
||
LogAn service |
TCP |
9713 |
Outbound (from LogAn to NGFW) |
Initial communication and exchange of encryption keys with the NGFW server. |
2023 |
Outbound (from LogAn to NGFW) |
Build an SSH tunnel to exchange data using the received keys. |
||
TCP |
22699 (receive data from NGFW 6.x.x), 22711 (receive data from NGFW 7.x.x that uses SSL) |
Inbound (from NGFW to LogAn) |
The LogAn log collection service. |
|
SNMP |
UDP |
161 |
Inbound (to LogAn) |
Access to the UserGate server via SNMP. |
Log collector |
TCP/UDP |
514 |
Inbound (to LogAn) |
A service that collects information from remote devices using the Syslog protocol. |
SMTP |
TCP |
25 |
Outbound (to a mail server) |
Send alerts to email. |
DHCP |
UDP |
67, 68 |
Outbound (IP address request from UserGate to a DHCP server) |
DHCP service. |
LDAP |
TCP |
389, 636 |
Outbound (to LDAP connector) |
Execute LDAP requests (389 for LDAP and 636 for LDAP over SSL). |
RADIUS |
UDP |
1812 |
Outbound (to a RADIUS authentication server) |
User authentication via the RADIUS protocol. |
TACACS+ |
TCP |
49 |
Outbound (to a TACACS+ authentication server) |
User authentication via the TACACS+ protocol. |
FTP (logs export) |
TCP |
21 |
Outbound (to an FTP server) |
Export logs to an FTP server. |
SSH (logs export) |
TCP |
22 |
Outbound (to an SSH server) |
Export logs to an SSH server. |
Syslog (logs export) |
TCP/UDP |
514 |
Outbound (to the Syslog server) |
Export logs to a Syslog server. |