Want help with your product upgrades? Upgrades made easy

LanGuard | Ports and protocols used by GFI LanGuard

The following ports are used by GFI LanGuard. The firewall may need to be re-configured to allow TCP / IP or UDP connections from the GFI LanGuard machine on the following ports:


  • In order to connect from the local computer (LanGuard for example)  to a destination computer, the local computer will connect FROM a random high numbered port (that will be different for each connection).
  • Normally this connects to a specific low numbered port on the destination machine that has a service "LISTENING" on that port (i.e. the port is considered "OPEN" for connections). 
  • One can use the "Netstat" utility to view current connections and ports:

"Netstat -ab" will show ALL (a) connections and the process that has the port open (b)
"Netstat -ano" will show ALL (a) connections by number (n) and the owning Process ID (PID) (o) - this is sometimes necessary when the (b) option cannot find the process. The corresponding process can be found in Task Manager by adding the PID column. The PID will be different every time a process restarts.
The "find" feature can be used to limit the results by looking for a string in the line (ex. netstat -ano | find ":1070" will find the connection for port 1070 on the local machine)

User-added image

Listening Ports on the GFI LanGuard machine:

  • Apache Server Port: TCP 1072 - default port - configurable - process is Httpd.exe (LanGuard 12 and later versions)
Port used for agent management and patch deployment
  • Apache Server Port: TCP 1070 - default port - configurable - process is Httpd.exe (LanGuard 11 and earlier versions)
Port used for agent management and patch deployment

Connections established from (random high number ports) on the GFI LanGuard machine to the following ports on remote computers:

  • EPMAP Port: TCP/UDP 135
Port that provides dynamically assigned ports for RPC-based services for DCOM
  • NetBIOS Port: TCP/UDP 137, 139 
Used for computer discovery and resource sharing
  • SNMP Port: UDP 161
Used for computer discovery. GFI LanGuard supports only SNMPv1 and SNMPv2c. SNMPv3 and SNMP over TLS/DTLS are not supported.
  • SMB Po​rt: TCP 445
Used for auditing computers, agent management and patch deployment
  • SSH Port: TCP/UDP 22 
Used for auditing Linux and Mac systems