Examples of LogLogic Port Assignments
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| Syslog | UDP | 514 | Used for incoming syslog data. You can change this port number from 514 in the tab Syslog UDP Port field. If you change this port number, you must add the other port number here. |
| Blue Coat/Netcache | HTTP/ HTTPS | 4433 | Used for incoming HTTPS streams from log sources such as Blue Coat ProxySG and NetApp Netcache. |
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| lea_server | LEA/TCP | 18184 | Used to transfer log messages. |
| cpmi_server | TCP | 18190 | Default port. Used for rule listing and firewall/interface auto-discover. Note: Must match Check Point Manager Server. |
| SIC | TCP | 18210 | Used to establish connection with the Check Point Management Interface (CPMI). SIC - Secure Internal Communication |
| CMPI Forwarding | UDP | 5514 | Used for collecting LogLogic streams from the Check Point Management Interface through the rtchpk utility. |
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| Browser | HTTP | 80 | Used for internal web browser access requests to the LogLogic Appliance. The requests are redirected to port 443 (HTTPS). |
| Browser | HTTPS | 443 | Used for incoming HTTPS requests to the GUI and Web Services APIs. The requests are redirected from port 80 (HTTP). |
| Browser | HTTP | 8080 | Browser redirects during upgrade. |
- As administrator, update your file
C:\Program Files (x86)\Java\jre1.8.0_x\lib\security\java.policy and grant the following permission to non-abbreviated IPv6 address:
grant { permission java.net.SocketPermission "fd00:0:0:0:0:aaaa:a73:1a3d", "connect,resolve"; };You can also add permissions to both abbreviated and non-abbreviated addresses:
grant { permission java.net.SocketPermission "fd00:0:0:0:0:aaaa:a73:1a3d", "connect,resolve"; }; grant { permission java.net.SocketPermission "fd00::aaaa:a73:1a3d", "connect,resolve"; };The IP address should be replaced with the IP address of your appliance.
- In
add the following to the exception list:
https://[fd00::aaaa:a73:1a3d]:443, where "fd00::aaaa:a73:1a3d” is your appliance IP https://[fd00:0:0:0:0:aaaa:a73:1a3d]:443, where "fd00:0:0:0:0:aaaa:a73:1a3d” id the non-abbreviated version for your appliance IP
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| CLI Access | SSH | 22 | Used for SSH client access. Configured on/off. |
| NTP | NTP | 123 | Used by the Network Time Protocol Daemon (NTPD). |
| Browser | HTTPS | 443 | Used for SSL two-way handshake. |
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| High Availability Failover | Rsync | 4400 | Used by the replication sync failover service. |
| High Availability Failover | MySQL | 3306 | Used by the MySQL failover service. |
| Description | Protocol | Port # | Comments |
|---|---|---|---|
| LogLogic TCP | TCP | 5514 | Used for collecting LogLogic streams from the Check Point Management Interface via the rtchpk utility. |
| LogLogic TCP | TCP | 9443 | Used by Management Station to send requests from the Management Station to a remote Appliance. |
| LogLogic TCP | TCP | 9443 | Used for sending updates from a Remote Appliance to the Management Station. |
| Syslog Alert | UDP | 514 | Used for incoming syslog data. You can change this port number from 514 in the tab Syslog UDP Port field. If you change this port number, you must add the other port number here. |
| SNMP Alerts | UDP | 161 | Used for incoming SNMP client requests. |
| SNMP Notification | UDP | 162 | Used for incoming and outgoing SNMP trap messages. (Internal alerts from LogLogic LX Appliance or LogLogic ST Appliance, and log collection) |
Copyright © 2020. Cloud Software Group, Inc. All Rights Reserved.