Service | Protocol | Port | Outbound/Inbound | Function |
---|---|---|---|---|
Web console | TCP | 8001 | Inbound (to UserGate NGFW Web Console) | Access to the management web interface of a device. |
CLI over SSH | TCP | 2200 | Inbound (to CLI over SSH) | Access to the UserGate command line interface (CLI) over SSH. |
XML-RPC | TCP | 4040 | Inbound (to UserGate via API) | UserGate device management via API. |
Remote assistance | TCP | 22 | Outbound (to technical support servers) | Remote access to technical support servers. Access to servers: |
NTP | UDP | 123 | Outbound (to a precision time server)/Inbound (from clients to the UserGate server, if it is used as a precision time server) | Time synchronization. |
DNS | TCP/UDP | 53 | Inbound (from clients to the UserGate server, if it is acting as a DNS server) | The service that resolves domain names into IP addresses. |
DNS | UDP | 53 | Outbound (to DNS servers) | The service that resolves domain names into IP addresses. |
UserGate server registration | TCP | 443 | Outbound (to the registration server) | UserGate product registration: access to reg2.usergate.com. |
Update software and libraries | TCP | 443 | Outbound (to update servers) | Update software and library items: access to updates.usergate.com. |
Replicate settings | TCP | 4369 | Inbound (from the first cluster node to the second and subsequent nodes) | This service is required for the configuration cluster to work. Set up a control connection. |
Replicate settings | TCP | 9000-9100 | Inbound (receive configuration from the first cluster node) | Transmit information about cluster configuration changes (replicate settings). |
Communication with UserGate Management Center | TCP | 9712 | Outbound (from UG NGFW to UGMC) | Initial communication and encryption key exchange with the UserGate Management Center server. |
Communication with UserGate Management Center | TCP | 2022 | Outbound (from UG NGFW to UGMC) | Build an SSH tunnel to exchange data using the received keys. |
Communication with UserGate Log Analyzer | TCP | 9713 | Inbound (from LogAn to UG NGFW) | Initial communication and exchange of encryption keys with the UserGate Log Analyzer server. |
Communication with UserGate Log Analyzer | TCP | 2023 | Inbound (from LogAn to UG NGFW) | Build an SSH tunnel to exchange data using the received keys. |
Communication with UserGate Log Analyzer | TCP | For versions 6.1.x: 1269 (transmit data to LogAn 6.1.x), 22699 (transmit data to LogAn 7.x.x). For versions 7.0.x: 22699 (transmit data to LogAn 6.1.x), 22711 (transmit data to LogAn 7.x.x using SSL) | Outbound (from UG NGFW to LogAn) | Transmit logs and telemetry to LogAn server. |
Connection of endpoints with UserGate Client software installed (available starting from version 7.1.0) | TCP | 4045 | Inbound (from an endpoint to UG NGFW) | Connecting endpoints and receiving telemetry to check compliance. |
LDAP | TCP | 389, 636 | Outbound (to LDAP connector) | Execute LDAP requests (389 for LDAP and 636 for LDAP over SSL). |
Captive portal and block pages | TCP | 80, 443, 8002 | Inbound (from a client browser to UG NGFW) | Display a Captive portal authentication page and block pages. |
Captive portal and block pages | TCP | 8043 | Inbound (from a client browser to UG NGFW) | When the "HTTPS for auth page" option is activated. |
Kerberos | TCP/UDP | 88 | Outbound (to a Kerberos authentication server) | Authenticate users via the Kerberos protocol. |
NTLM | TCP | 445 | Outbound (to an NTLM authentication server) | Authenticate users via the NTLM protocol. |
RADIUS | UDP | 1812 | Outbound (to a RADIUS authentication server) | User authentication via the RADIUS protocol. |
TACACS+ | TCP | 49 | Outbound (to a TACACS+ authentication server) | User authentication via the TACACS+ protocol. |
Terminal service agent | UDP | 1812, 1813 | Inbound (from the agent to UG NGFW) | Access to the UserGate server required for the terminal agent to work. |
Windows Authentication Agent | UDP | 1812, 1813 | Inbound (from the agent to UG NGFW) | Access to the UserGate server required for the authentication agent to work for Windows OS domain users. |
Proxy agent | UDP | 8090 | Inbound (from the agent to UG NGFW) | Access to the UserGate server required for the proxy agent to provide Internet access to Windows OS users. |
SNMP | UDP | 161 | Inbound (to UserGate) | Access to the UserGate server via SNMP. |
SMTP | TCP | 25 | Outbound (to the mail server) | Send alerts to email. |
ICAP | TCP | 1344 | Outbound (to ICAP servers) | Service to work with ICAP servers. |
DHCP | UDP | 67, 68 | Outbound (requesting an address from UserGate to a DHCP server)/Inbound (UserGate acts as a DHCP server) | DHCP service. |
BGP | TCP | 179 | Outbound (send information to neighbor BGP routers)/Inbound (receive information from neighbor BGP routers) | BGP dynamic routing service. |
OSPF | 89/OSPF | | Outbound (send information to neighbor OSPF routers)/Inbound (receive information from neighbor OSPF routers) | OSPF dynamic routing service. |
RIP | UDP | 520 | Outbound (distribute RIP routes to neighbor routers)/Inbound (receive RIP routes from neighbor routers) | RIP dynamic routing service. |
FTP (logs export) | TCP | 21 | Outbound (to an FTP server) | Export logs to an FTP server. |
SSH (logs export) | TCP | 22 | Outbound (to an SSH server) | Export logs to an SSH server. |
Syslog (logs export) | TCP/UDP | 514 | Outbound (to the Syslog server) | Export logs to a Syslog server. |