Appendix 1. Network environment requirements

Service

Protocol

Port

Outbound/Inbound

Function

Web console

TCP

8010

Inbound (to LogAn web console)

Access to the management web interface of a device.

CLI over SSH

TCP

2200

Inbound (to CLI over SSH)

Access to the UserGate command line interface (CLI) over SSH.

XML-RPC

TCP

4041

Inbound (to UserGate via API)

UserGate device management via API.

Remote assistance

TCP

22

Outbound (to technical support servers)

Remote access to a technical support server.

Access to servers:

  • 93.91.171.46;

  • 178.154.221.222;

  • ra.entensys.com.

NTP

UDP

123

Outbound (to a time server)

Time synchronization.

DNS

UDP

53

Outbound (to DNS servers)

The service that resolves domain names into IP addresses.

UserGate server registration

TCP

443

Outbound (to the registration server)

Access to the UserGate product registration server (reg2.entensys.com).

Update software and libraries

TCP

443

Outbound (to update servers)

Update software and library items: access to static.entensys.com, updates.usergate.com.

Communication with UGMC

TCP

9712

Outbound (from LogAn to UGMC)

Initial communication and exchange of encryption keys with the UGMC server.

2022

Outbound (from LogAn to UGMC)

Build an SSH tunnel to exchange data using the received keys.

LogAn service

TCP

9713

Outbound (from LogAn to NGFW)

Initial communication and exchange of encryption keys with the NGFW server.

2023

Outbound (from LogAn to NGFW)

Build an SSH tunnel to exchange data using the received keys.

TCP

22699 (receive data from NGFW 6.x.x), 22711 (receive data from NGFW 7.x.x that uses SSL)

Inbound (from NGFW to LogAn)

The LogAn log collection service.

SNMP

UDP

161

Inbound (to LogAn)

Access to the UserGate server via SNMP.

Log collector

TCP/UDP

514

Inbound (to LogAn)

A service that collects information from remote devices using the Syslog protocol.

SMTP

TCP

25

Outbound (to a mail server)

Send alerts to email.

DHCP

UDP

67, 68

Outbound (IP address request from UserGate to a DHCP server)

DHCP service.

LDAP

TCP

389, 636

Outbound (to LDAP connector)

Execute LDAP requests (389 for LDAP and 636 for LDAP over SSL).

RADIUS

UDP

1812

Outbound (to a RADIUS authentication server)

User authentication via the RADIUS protocol.

TACACS+

TCP

49

Outbound (to a TACACS+ authentication server)

User authentication via the TACACS+ protocol.

FTP (logs export)

TCP

21

Outbound (to an FTP server)

Export logs to an FTP server.

SSH (logs export)

TCP

22

Outbound (to an SSH server)

Export logs to an SSH server.

Syslog (logs export)

TCP/UDP

514

Outbound (to the Syslog server)

Export logs to a Syslog server.