port - Manage built-in service network listening TCP/UDP ports
[1] port [(wadmin | proxy | thttp | thttps | antivirus | ocsp | isakmp | natt | httppeer | htcppeer | dhcp | waudit) [<port-number>]]
Use this command to get or set IP ports for built-in services. This command requires two arguments: a port type and a valid port number. Valid port types are given in the above synopsis. A valid port number is an integer between 1024 and 49151.
The wadmin port is associated to the administration Web GUI. The administration Web GUI allows you to configure the appliance with a Web browser using HTTPS. The administration Web GUI is reachable at the URL https://<hostname>.<domainname>:<wadmin-port> where <hostname>, <domainname> and <wadmin-port> are respectively the host name, the domain name and the wadmin port.
When the proxy is in forwarding mode (mode web on) clients (Mozilla, Netscape, Internet Explorer...) using the proxy must use the proxy port configured here for the following protocols: HTTP, SSL, and FTP. In transparent mode (mode tweb on) all Web traffic (destined to the port 80) are transparently caught by the proxy on its thttp (transparent http). When the SSL mediation mode is activated in transparent mode (see the commands sslmediate and mode), the thttps port is used to transparently intercept HTTPS traffic. Clients should not use explicitly the thttp and thttps ports.
When the antivirus is configured as a service open to external systems such as an MTA (Mail Transfer Agent), the antivirus configured here is used for communications between external clients and the integrated antivirus. See the commands antivirus and access for further information.
When the OCSP mode is activated (mode ocsp on) the embedded OCSP server is configured to listen on the system’s external IP address on the ocsp port configured here. See the commands mode and tls for further information.
When the VPN IPsec mode is activated (mode vpnipsec on) the IKE (Internet Key Exchange) server is configured to listen on the system’s external IP address on the isakmp (ISAKMP: Internet Security Association and Key Management Protocol) and natt (NAT Transversal) ports configured here. See the commands mode and vpnipsec for further information.
The httppeer and htcppeer ports are used for peer intercommunications. For Share and HA Peers, peer ports must be the same in all peers to work together. The port httppeer is used to connect to a Next Peer (in this case the Next Peer must have its proxy port set to the httppeer of its Previous Peer. The protocol associated to the httppeer is HTTP which stands for Hyper Text Transfer Protocol. The protocol associated to the htcppeer is HTCP which stands for Hyper Text Caching Protocol.
When two appliances act as DHCP failover peer servers for each other, the dhcp port configured here is used for communications between those peers.
The couple <hostname>.<domainname> must be resolved to the appliance administration IP address in your network. The administration IP address is the internal interface IP address or IP address set for the administration 802.1q pseudo device in vlan mode.
The administration Web GUI is only available when the wadmin administration mode is activated. See the command admin.
The waudit port is associated to the Web traffic auditing module (see the command admin).
Please note that all port numbers must be unique.
apply (1) access (1) antivirus (1) admin (1) dhcp (1) domainname (1) hostname (1) ip (1) mode (1) rweb (1) sslmediate (1) vlan (1) vpnipsec (1) waf (1)
CacheGuard Technologies Ltd <www.cacheguard.com>
Send bug reports or comments to the above author.
Copyright (C) 2009-2024 CacheGuard - All rights reserved