The following ports are used by GFI LanGuard. The firewall may need to be re-configured to allow TCP / IP or UDP connections from the GFI LanGuard machine on the following ports:
NOTES ON CONNECTIONS AND PORTS:
- In order to connect from the local computer (LanGuard for example) to a destination computer, the local computer will connect FROM a random high numbered port (that will be different for each connection).
- Normally this connects to a specific low numbered port on the destination machine that has a service "LISTENING" on that port (i.e. the port is considered "OPEN" for connections).
- One can use the "Netstat" utility to view current connections and ports:
"Netstat -ab" will show ALL (a) connections and the process that has the port open (b)
"Netstat -ano" will show ALL (a) connections by number (n) and the owning Process ID (PID) (o) - this is sometimes necessary when the (b) option cannot find the process. The corresponding process can be found in Task Manager by adding the PID column. The PID will be different every time a process restarts.
The "find" feature can be used to limit the results by looking for a string in the line (ex. netstat -ano | find ":1070" will find the connection for port 1070 on the local machine)
Listening Ports on the GFI LanGuard machine:
- Apache Server Port: TCP 1070 - default port - configurable - process is Httpd.exe (LanGuard 2012 and later versions)
Port used for agent management and patch deployment
Connections established from (random high number ports) on the GFI LanGuard machine to the following ports on remote computers:
Port that provides dynamically assigned ports for RPC-based services for DCOM
- NetBIOS Port: TCP/UDP 137, 139
Used for computer discovery and resource sharing
Used for computer discovery. GFI LanGuard supports SNMP including v3 but we do not support SNMP over TLS / DTLS.
Used for auditing computers, agent management and patch deployment
Used for auditing Linux and Mac systems