Port(s) | Functionality |
UDP 53 | DNS lookup, RBL lookup |
UDP 53 or UDP 8888 | FortiGuard Antispam or Web Filtering rating lookup |
UDP 53 (default) or UDP 8888 and UDP 1027 or UDP 1031 | FDN Server List - source and destination port numbers vary by originating or reply traffic. See the article “How do I troubleshoot performance issues when FortiGuard Web Filtering is enabled?” in the Knowledge Base. |
UDP 123 | NTP Synchronization |
UDP 162 | SNMP Traps |
UDP 514 | SYSLOG - All FortiOS versions can use syslog to send log messages to remote syslog servers. FortiOS v2.80 and v3.0 can also view logs stored remotely on a FortiAnalyzer unit. |
TCP 22 | Configuration backup to FortiManager unit or FortiGuard Analysis and Management Service. |
TCP 25 | SMTP alert email, encrypted virus sample auto-submit |
TCP 389 or TCP 636 | LDAP or PKI authentication |
TCP 443 | FortiGuard Antivirus or IPS update - When requesting updates from a FortiManager unit instead of directly from the FDN, this port must be reconfigured as TCP 8890. |
TCP 443 | FortiGuard Analysis and Management Service |
TCP 514 | FortiGuard Analysis and Management Service log transmission (OFTP) |
TCP 541 | SSL Management Tunnel to FortiGuard Analysis and Management Service (FortiOS v3.0 MR6 or later) |
TCP 514 | Quarantine, remote access to logs and reports on a FortiAnalyzer unit, device registration with FortiAnalyzer units (OFTP) |
TCP 1812 | RADIUS authentication |
TCP 8000 and TCP 8002 | FSSO |
TCP 10151 | FortiGuard Analysis and Management Service contract validation |