Scheduled maintenance - Saturday April 29 at 07:00 UTC Find out more     |     We have acquired Exinda More info

What ports and protocols does GFI LanGuard use?

The following ports are used by GFI LanGuard. The firewall may need to be re-configured to allow TCP / IP or UDP connections from the GFI LanGuard machine on the following ports:

NOTES ON CONNECTIONS AND PORTS:

  • In order to connect from the local computer (LanGuard for example)  to a destination computer, the local computer will connect FROM a random high numbered port (that will be different for each connection).
  • Normally this connects to a specific low numbered port on the destination machine that has a service "LISTENING" on that port (i.e. the port is considered "OPEN" for connections). 
  • One can use the "Netstat" utility to view current connections and ports:

"Netstat -ab" will show ALL (a) connections and the process that has the port open (b)
"Netstat -ano" will show ALL (a) connections by number (n) and the owning Process ID (PID) (o) - this is sometimes necessary when the (b) option cannot find the process. The corresponding process can be found in Task Manager by adding the PID column. The PID will be different every time a process restarts.
The "find" feature can be used to limit the results by looking for a string in the line (ex. netstat -ano | find ":1070" will find the connection for port 1070 on the local machine)


User-added image
 

Listening Ports on the GFI LanGuard machine:

  • Apache Server Port: TCP 1070 - default port - configurable - process is Httpd.exe (LanGuard 2012 and later versions)
Port used for agent management and patch deployment


Connections established from (random high number ports) on the GFI LanGuard machine to the following ports on remote computers:

  • EPMAP Port: TCP/UDP 135
Port that provides dynamically assigned ports for RPC-based services for DCOM
  • NetBIOS Port: TCP/UDP 137, 139 
Used for computer discovery and resource sharing
  • SNMP Port: UDP 161
Used for computer discovery. GFI LanGuard supports SNMP including v3 but we do not support SNMP over TLS / DTLS.
  • SMB Po​rt: TCP 445
Used for auditing computers, agent management and patch deployment
  • SSH Port: TCP/UDP 22 
Used for auditing Linux and Mac systems