Firewall Configuration
Lists the firewall ports that must be open to install and configure the GridGuard appliance.
Required for All Integrations
Source           Destination             Ports    Required for
---------------- ----------------------- -------- -------------------------------------------------------------
Anywhere         gridguard-server        443 TCP  All integrations. Used for HTTPS access to authenticate
gridguard-server DNS Servers             53 UDP   Needed for DNS lookups
gridguard-server SMTP Server             25 TCP   SMTP connections for license notifications, GridKey messages
gridguard-server NTP Server              123 UDP  For time synchronization using NTP
gridguard-server User Registry (LDAP/AD) 389 TCP  LDAP based enterprise user registry lookups
gridguard-server User Registry (LDAP/AD) 636 TCP  LDAPS based enterprise user registry lookups
gridguard-server files.syferlock.com     443 TCP  Download system updates
gridguard-server other gridguard-servers 22 TCP   Communication between clustered GridGuard servers
gridguard-server other gridguard-servers 389 TCP  LDAP Replication between clustered GridGuard servers
gridguard-server other gridguard-servers 636 TCP  LDAP Replication between clustered GridGuard servers
gridguard-server other gridguard-servers 6268 TCP LDAP Replication between clustered GridGuard servers
gridguard-server other gridguard-servers 6269 TCP LDAP Replication between clustered GridGuard servers
Internal Network gridguard-server        22 TCP   Allow SSH access
Internal Network gridguard-server        8443 TCP Allow access to Management Console (ACC)
Internal Network gridguard-server        5432 TCP Allow access to GridGuard internal database
'gridguard-server' refers to the instance of the GridGuard server.
'User Registry' refers to the enterprise user registry; typically an Active Directory / LDAP server.
Additional ports required for Token Authentication Integrations
Source           Destination             Ports    Required for
---------------- ----------------------- -------- -------------------------------------------------------------
Appliance        gridguard-server        389 TCP  LDAP bind for all token authentication configurations
Appliance        gridguard-server        636 TCP  LDAPS bind for all token authentication configurations
'Appliance' refers to the appliance / service that is being secured by GridGuard, e.g. Juniper, Netscaler etc.
Additional ports required for RADIUS Integrations
Source           Destination             Ports    Required for
---------------- ----------------------- -------- -------------------------------------------------------------
Appliance        gridguard-server        1812 UDP Allows secured device to authenticate over RADIUS
Appliance        gridguard-server        1813 UDP Allows secured device to authenticate over RADIUS
'Appliance' refers to the appliance / service that is being secured by GridGuard, e.g. Juniper, Netscaler etc.
Additional ports required for Cookie Capture Integrations
Source           Destination             Ports    Required for
---------------- ----------------------- -------- -------------------------------------------------------------
gridguard-server Appliance               443 TCP  Allows GridGuard to submit HTTPS requests to secured portal
'Appliance' refers to the appliance / service that is being secured by GridGuard, e.g. Juniper, Netscaler etc.
Additional ports required for Database based User Registries
Source           Destination             Ports    Required for
---------------- ----------------------- -------- -------------------------------------------------------------
gridguard-server Oracle DB User Registry 1521 TCP Allows GridGuard to verify user information
gridguard-server MySQL DB User Registry  3306 TCP Allows GridGuard to verify user information
gridguard-server MSSQL DB User Registry  1433 TCP Allows GridGuard to verify user information
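
The inbound rows of the tables above can be used to audit an exported firewall policy for rules whose source is wider than documented, for example the internal database port 5432 reachable from anywhere. The following is an added example, not SyferLock code; the zone address ranges, the `audit` function, the `(source_cidr, port, proto)` rule format and the sample policy are all assumptions made for illustration.

```python
import ipaddress

# Assumed IPv4 ranges for the zones named on this page (placeholders, adjust per site).
ZONES = {
    "Anywhere": "0.0.0.0/0",
    "Internal Network": "10.0.0.0/8",
    "Appliance": "10.20.0.10/32",
    "other gridguard-servers": "10.10.0.0/29",
}
PEERS = "other gridguard-servers"
# Inbound matrix for gridguard-server, transcribed from the tables on this page.
DOCUMENTED = {
    (443, "tcp"): ["Anywhere"],
    (22, "tcp"): ["Internal Network", PEERS],
    (8443, "tcp"): ["Internal Network"],
    (5432, "tcp"): ["Internal Network"],
    (389, "tcp"): ["Appliance", PEERS],
    (636, "tcp"): ["Appliance", PEERS],
    (6268, "tcp"): [PEERS],
    (6269, "tcp"): [PEERS],
    (1812, "udp"): ["Appliance"],
    (1813, "udp"): ["Appliance"],
}

def audit(allow_rules):
    """Return (unexpected, missing) for inbound allow rules (source_cidr, port, proto)."""
    unexpected, covered = [], set()
    for cidr, port, proto in allow_rules:
        src = ipaddress.ip_network(cidr)
        for zone in DOCUMENTED.get((port, proto), []):
            # A documented zone is served when the rule's source contains all of it.
            if ipaddress.ip_network(ZONES[zone]).subnet_of(src):
                covered.add((zone, port, proto))
        # The rule itself is acceptable only if its source fits inside a documented zone.
        if not any(src.subnet_of(ipaddress.ip_network(ZONES[z]))
                   for z in DOCUMENTED.get((port, proto), [])):
            unexpected.append((cidr, port, proto))
    missing = sorted((z, p, pr) for (p, pr), zs in DOCUMENTED.items()
                     for z in zs if (z, p, pr) not in covered)
    return unexpected, missing

# Constructed sample policy: database port exposed to anywhere, plus an undocumented port.
SAMPLE = [
    ("0.0.0.0/0", 443, "tcp"), ("0.0.0.0/0", 5432, "tcp"),
    ("10.0.0.0/8", 22, "tcp"), ("10.0.0.0/8", 8443, "tcp"),
    ("10.20.0.10/32", 1812, "udp"), ("10.0.0.0/8", 3389, "tcp"),
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The `missing` list covers every integration on the page, so entries for integrations that are not deployed (RADIUS, token authentication, clustering) can be ignored.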