====== Commonly Used TCP Ports ======

The following TCP ports are used to provide common network services such as e-mail and remote access.  UDP is a connectionless protocol that is not frequently forwarded.

These are some of the most common ports that might be to be forwarded to an internal server from an external 'gateway/router/firewall' device.

:!: In the interest of security, a person would normally only forward secure (encrypted) ports to an inside host.  For example, you might forward port 995 (POPS) instead of port 110 (POP) as the standard POP protocol passes passwords across the Internet in plain text, whereas POPS is an (SSL) encrypted protocol.

:!: You should only forward the ports for the services you want to expose to the outside (Internet).

|**Port**|**Name**|**Description**|**Notes**|
|20|FTP Data|File Transfer Protocol|Server -> Client Data Connection. You don't need to forward port 21 if your clients use the common "Passive Mode".|
|21|FTP Control|File Transfer Protocol|Client -> Server Control Connection|
|22|SSH|Secure Shell|Encrypted secure shell and secure file transfers (SFTP)|
|25|SMTP|Simple Mail Transfer Protocol|Used to transfer mail between mail servers and for mail submitted by mail clients. May be secured with TLS.|
|80|HTTP|Hypertext Transfer Protocol|The common WWW protocol used by web browsers|
|110|POP3|Post Office Protocol v3|Mail retrieval. Client-based message store.|
|143|IMAP|Internet Mail Access Protocol|Mail retrieval. Server-based message store.|
|443|HTTPS|HTTP over SSL|Encrypted web traffic|
|465|SMTPS|SMTP over SSL|Encrypted mail traffic|
|587|Submission|SMTP on alternate port|Used with SMTP protocol to submit mail from mail clients. May be secured with TLS. Often used when ISP blocks port 25.|
|993|IMAPS|IMAP over SSL|Encrypted mail retrieval. Client-based message store.|
|995|POPS|POP over SSL|Encrypted mail retrieval. Server-based message store.|
|1723|PPTP|Microsoft Point-to-Point Tunnelling Protocol|PPTP also requires forwarding of the GRE Protocol. Check the documentation for the device you are using on forwarding of protocols.|
|3389|RDP|Remote Desktop Protocol|Newer versions of RDP are more secure and support more features.|
|5900|VNC|Virtual Network Computing|This remote control protocol may also be used on other ports such as 5901, 5902, etc.|