Recently GFI MailEssentials users may have experienced disruption to their service. We are happy to report that this is now resolved. If you have temporarily disabled Bitdefender, please re-enable it and your email service will resume. If you continue to experience any problems, follow this guide to manually update Bitdefender definitions. Learn more

What ports and protocols does GFI LanGuard use?

The following ports are used by GFI LanGuard. The firewall may need to be re-configured to allow TCP / IP or UDP connections from the GFI LanGuard machine on the following ports:

NOTES ON CONNECTIONS AND PORTS:

  • In order to connect from the local computer (LanGuard for example)  to a destination computer, the local computer will connect FROM a random high numbered port (that will be different for each connection).
  • Normally this connects to a specific low numbered port on the destination machine that has a service "LISTENING" on that port (i.e. the port is considered "OPEN" for connections). 
  • One can use the "Netstat" utility to view current connections and ports:

"Netstat -ab" will show ALL (a) connections and the process that has the port open (b)
"Netstat -ano" will show ALL (a) connections by number (n) and the owning Process ID (PID) (o) - this is sometimes necessary when the (b) option cannot find the process. The corresponding process can be found in Task Manager by adding the PID column. The PID will be different every time a process restarts.
The "find" feature can be used to limit the results by looking for a string in the line (ex. netstat -ano | find ":1070" will find the connection for port 1070 on the local machine)


User-added image
 

Listening Ports on the GFI LanGuard machine:

  • Apache Server Port: TCP 1070 - default port - configurable - process is Httpd.exe (LanGuard 2012 and later versions)
Port used for agent management and patch deployment


Connections established from (random high number ports) on the GFI LanGuard machine to the following ports on remote computers:

  • EPMAP Port: TCP/UDP 135
Port that provides dynamically assigned ports for RPC-based services for DCOM
  • NetBIOS Port: TCP/UDP 137, 139 
Used for computer discovery and resource sharing
  • SNMP Port: UDP 161
Used for computer discovery. GFI LanGuard supports only SNMPv1 and SNMPv2c. SNMPv3 and SNMP over TLS/DTLS are not supported.
  • SMB Po​rt: TCP 445
Used for auditing computers, agent management and patch deployment
  • SSH Port: TCP/UDP 22 
Used for auditing Linux and Mac systems