https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26212#M19143 <HTML><HEAD></HEAD><BODY><P>When you for example set an url-category into "continue" the continue response-page is issued through tcp 6079.</P><P></P><P>However there is no need to setup a policy for this traffic since the PAN will handle this on its own.</P><P></P><P>But when I enabled captive portal with ntlm-auth I noticed blocked traffic towards the L3 interface of the PAN at tcp 6080 and 7080.</P><P></P><P>What are these ports used for and does there exist a portlist for which ports one might need to create policies for to avoid denied/dropped packets (which I assume shouldnt be denied/dropped)?</P></BODY></HTML> Thu, 04 Mar 2010 18:03:21 GMT rps 2010-03-04T18:03:21Z https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26212#M19143 <HTML><HEAD></HEAD><BODY><P>When you for example set an url-category into "continue" the continue response-page is issued through tcp 6079.</P><P></P><P>However there is no need to setup a policy for this traffic since the PAN will handle this on its own.</P><P></P><P>But when I enabled captive portal with ntlm-auth I noticed blocked traffic towards the L3 interface of the PAN at tcp 6080 and 7080.</P><P></P><P>What are these ports used for and does there exist a portlist for which ports one might need to create policies for to avoid denied/dropped packets (which I assume shouldnt be denied/dropped)?</P></BODY></HTML> Thu, 04 Mar 2010 18:03:21 GMT https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26212#M19143 rps 2010-03-04T18:03:21Z https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26213#M19144 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Port 6080 is used for captive-portal authentication, this is a web page prompting the unknown user to login via username/pwd. </P><P></P><P>Port 7080 is used for NTLM authentication, this is simulating a Windows server authenticating the unknown user to login via NTLM username/pwd. </P><P></P><P>The PAN device uses these ports to decide which authentication method to use to challenge the user.&nbsp; Some addt'l services may also be in used depending on the configuration:</P><P></P><P>for mgmt: HTTP, HTTPS, telnet, ssh, ping, SNMP</P><P></P><P>PAN agent: a configurable TCP port like 3011</P><P></P><P>TS Agent port</P><P></P><P>SSL, IPsec ports for VPN</P></BODY></HTML> Fri, 05 Mar 2010 03:53:44 GMT https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26213#M19144 rmonvon 2010-03-05T03:53:44Z https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26214#M19145 <HTML><HEAD></HEAD><BODY><P>&nbsp; Here are the services using the open ports you have indicated.</P><P> 6080-6081 - Captive portal, Captive portal redirect and URL override page</P><P> 6082- Captive portal&nbsp; Captive portal redirect with certificate. </P></BODY></HTML> Fri, 10 Jun 2011 23:47:01 GMT https://live.paloaltonetworks.com/t5/general-topics/which-ports-are-being-used-by-pan/m-p/26214#M19145 gsamuels 2011-06-10T23:47:01Z