Functionality | Port(s) |
DNS lookup | UDP 53 |
NTP synchronization | UDP 123 |
Windows share | UDP 137-138 |
SNMP traps | UDP 162 |
Syslog, log forwarding | UDP 514 Note: If a secure connection has been configured between a FortiGate and a FortiAnalyzer, syslog traffic will be sent into an IPsec tunnel. Data will be exchanged over UDP 500/4500, Protocol IP/50. |
Log and report upload | TCP 21 or TCP 22 |
SMTP alert email | TCP 25 |
User name LDAP queries for reports | TCP 389 or TCP 636 |
Vulnerability Management updates | TCP 443 |
RADIUS authentication | TCP 1812 |
TACACS+ authentication | TCP 49 |
Log aggregation client | TCP 3000 |
Device registration of FortiGate or FortiManager units; remote access to quarantine, logs & reports from a FortiGate unit; remote management from a FortiManager unit (configuration retrieval) (OFTP) | TCP 514 |
Functionality | Port(s) |
Windows share | UDP 137-139 and TCP 445 |
Syslog, log forwarding | UDP 514 Note: If a secure connection has been configured between a FortiGate and a FortiAnalyzer, syslog traffic will be sent into an IPsec tunnel. Data will be exchanged over UDP 500/4500, Protocol IP/50. |
SSH administrative access to the CLI | TCP 22 |
Telnet administrative access to the CLI | TCP 23 |
HTTP administrative access to the Web-based Manager | TCP 80 |
HTTPS administrative access to the Web-based Manager; remote management from a FortiManager unit | TCP 443 |
Device registration of FortiGate or FortiManager units; remote access to quarantine, logs & reports from a FortiGate unit; remote management from a FortiManager unit (configuration retrieval) (OFTP) | TCP 514 |
NFS share | TCP 2049 |
HTTP or HTTPS administrative access to the Web-based Manager's CLI dashboard widget. Protocol used will match the protocol used by the administrator when logging in to the Web-based Manager. | TCP 2032 |
Log aggregation server Log aggregation server support requires model FortiAnalyzer-800 or greater. | TCP 3000 |
Remote management from a FortiManager unit (configuration installation) | TCP 8080 |
Remote MySQL database connection | TCP 3306 |
Functionality | Port(s) |
Vulnerability Management updates | TCP 443 |