Chapter 2 Introduction
14
• 1900/UDP — SSDP Discovery service
• 2869/TCP — UPnP Host service
The SSDP Discovery and UPnP Host services are included in the UPnP support
(refer to chapter 16.3).
• 44333/TCP+UDP — traffic between Kerio Administration Console and WinRoute
Firewall Engine. This service cannot be stopped.
The following services use corresponding ports by default. Ports for these services
can be changed.
• 443/TCP — server of the SSL-VPN interface (see chapter 22)
• 3128/TCP — HTTP proxy server (see chapter 5.5)
• 4080/TCP — Web administration interface (refer to chapter 9)
• 4081/TCP — secured (SSL-encrypted) version of the Web administration inter-
face (see chapter 9)
• 4090/TCP+UDP — proprietary VPN server (for details refer to chapter 21)
Antivirus applications
If an antivirus application that scans files on the disk is run on the WinRoute host,
the HTTP cache file (see chapter 5.6, usually the "/> subdirectory under the direc-
tory where WinRoute is installed) and the tmp subdirectory (used to scan HTTP and
FTP objects) must be excluded from inspection. If the antivirus is run manually,
there is no need to exclude these files, however, WinRoute Firewall Engine must be
stopped before running the antivirus (this is not always desirable).
Note: If WinRoute uses an antivirus to check objects downloaded via HTTP or FTP
protocols (see chapter
11.3), the cache directory can be excluded with no risk —
files in this directory have already been checked by the antivirus.
Note: WinRoute can stop automatically The Windows Firewall / Internet Connection Shar-
ing system service is not mentioned as problematic, since WinRoute can stop automati-
cally. For details, see chapter 2.3.
