Deleting an Input Rule
Use the
tab to delete input rules and define your Firewall Settings.
You can also use the CLI command system firewall to add or delete a firewall rule, or to turn the firewall on or off. For details, see system Command.
Procedure
Example of LogLogic Port Assignments
Description | Protocol | Port # | Comments |
---|---|---|---|
Syslog | UDP | 514 | Used for incoming syslog data. You can change this port number from 514 in the Syslog UDP Port field. If you change this port number, you must add the other port number here. |
Blue Coat/Netcache | HTTP/HTTPS | 4433 | Used for incoming HTTPS streams from log sources such as Blue Coat ProxySG and NetApp Netcache. |
Description | Protocol | Port # | Comments |
---|---|---|---|
lea_server | LEA/TCP | 18184 | Used to transfer log messages. |
cpmi_server | TCP | 18190 | Default port. Used for rule listing and firewall/interface auto-discover. Note: Must match Check Point Manager Server. |
SIC | TCP | 18210 | Used to establish connection with the Check Point Management Interface (CPMI). SIC - Secure Internal Communication |
CMPI Forwarding | UDP | 5514 | Used for collecting LogLogic streams from the Check Point Management Interface through the rtchpk utility. |
Description | Protocol | Port # | Comments |
---|---|---|---|
Browser | HTTP | 80 | Used for internal web browser access requests to the LogLogic Appliance. The requests are redirected to port 443 (HTTPS). |
Browser | HTTPS | 443 | Used for incoming HTTPS requests to the GUI and Web Services APIs. The requests are redirected from port 80 (HTTP). |
Browser | HTTP | 8080 | Browser redirects during upgrade. |
Real-Time Viewer | TCP | 4514 | Used for Real-Time Viewer client connections. Uses Java applet; some versions of Java will not work. Java 1.8.0.x is recommended. |
- As administrator, update your file C:\Program Files (x86)\Java\jre1.8.0_x\lib\security\java.policy and grant the following permission to the non-abbreviated IPv6 address:
grant { permission java.net.SocketPermission "fd00:0:0:0:0:aaaa:a73:1a3d", "connect,resolve"; };
You can also add permissions for both the abbreviated and non-abbreviated addresses:
grant { permission java.net.SocketPermission "fd00:0:0:0:0:aaaa:a73:1a3d", "connect,resolve"; };
grant { permission java.net.SocketPermission "fd00::aaaa:a73:1a3d", "connect,resolve"; };
Replace the IP address with the IP address of your appliance.
- In
add the following to the exception list:
https://[fd00::aaaa:a73:1a3d]:443, where "fd00::aaaa:a73:1a3d" is your appliance IP
https://[fd00:0:0:0:0:aaaa:a73:1a3d]:443, where "fd00:0:0:0:0:aaaa:a73:1a3d" is the non-abbreviated version of your appliance IP
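Added example, not part of the LogLogic documentation: a Python helper that derives both spellings of an appliance IPv6 address and builds the java.policy grant lines and exception-list URLs in the form shown above, so the two entries cannot drift apart through a typing error. The function names are hypothetical, and the address is the page's sample value.

```python
import ipaddress


def ipv6_forms(address):
    """Return (non_abbreviated, abbreviated) spellings of one IPv6 address.

    The non-abbreviated spelling follows the page's sample: eight groups,
    no "::" and no leading zeros inside a group.
    """
    if "%" in address:
        raise ValueError("zone identifiers are not handled: %r" % address)
    addr = ipaddress.IPv6Address(address)  # ValueError for IPv4 or malformed text
    full = ":".join(format(int(group, 16), "x") for group in addr.exploded.split(":"))
    return full, addr.compressed


def policy_entries(address, actions="connect,resolve"):
    """java.policy grant lines, non-abbreviated spelling first."""
    spellings = dict.fromkeys(ipv6_forms(address))  # drops a duplicate spelling
    template = 'grant {{ permission java.net.SocketPermission "{}", "{}"; }};'
    return [template.format(s, actions) for s in spellings]


def exception_sites(address, port=443):
    """Exception-list URLs, abbreviated spelling first."""
    full, short = ipv6_forms(address)
    return ["https://[{}]:{}".format(s, port) for s in dict.fromkeys((short, full))]


if __name__ == "__main__":
    appliance = "fd00::aaaa:a73:1a3d"  # sample address from the page
    print("\n".join(policy_entries(appliance) + exception_sites(appliance)))
```

An address with no run of zero groups has a single spelling, so only one grant line and one URL are produced for it.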
Description | Protocol | Port # | Comments |
---|---|---|---|
CLI Access | SSH | 22 | Used for SSH client access. Configured on/off. |
NTP | NTP | 123 | Used by the Network Time Protocol Daemon (NTPD). |
Browser | HTTPS | 443 | Used for SSL two-way handshake. |
Description | Protocol | Port # | Comments |
---|---|---|---|
High Availability Failover | Rsync | 4400 | Used by the replication sync failover service. |
High Availability Failover | MySQL | 3306 | Used by the MySQL failover service. |
Description | Protocol | Port # | Comments |
---|---|---|---|
LogLogic TCP | TCP | 5514 | Used for collecting LogLogic streams from the Check Point Management Interface via the rtchpk utility. |
LogLogic TCP | TCP | 4443 | Used by Management Station to send requests from the Management Station to a remote Appliance. |
LogLogic TCP | TCP | 4443 | Used for sending updates from a Remote Appliance to the Management Station. |
Syslog Alert | UDP | 514 | Used for incoming syslog data. You can change this port number from 514 in the Syslog UDP Port field. If you change this port number, you must add the other port number here. |
SNMP Alerts | UDP | 161 | Used for incoming SNMP client requests. |
SNMP Notification | UDP | 162 | Used for incoming and outgoing SNMP trap messages. (Internal LX/ST Alerts and log collection) |