FortiAP-S Open Ports FortiAuthenticator Open Ports FortiManager Open Ports FortiGuard Open Ports 3rd-Party Servers Open Ports FortiGuard Open Ports FortiManager Open Ports FortiSandbox Open Ports FortiCloud Open Ports FortiAuthenticator Open Ports FortiAnalyzer Open Ports

FortiGate Open Ports

Incoming Ports
Purpose Protocol/Port
FortiAP-S Syslog, OFTP, Registration, Quarantine, Log & Report TCP/443
CAPWAP UDP/5246, UDP/5247
FortiAuthenticator RADIUS UDP/1812
FSSO TCP/8000
FortiGate HA Heartbeat TCP/703, TCP/23, or ETH Layer 2/8890
FortiGuard Management TCP/541
AV/IPS UDP/9443
FortiManager AV/IPS Push UDP/9443
SSH CLI Management TCP/22
Management TCP/541
SNMP Poll UDP/161, UDP/162
FortiGuard Queries TCP/443
Others Web Admin TCP/80, TCP/443
FSSO TCP/8000
Policy Override Authentication TCP/443, TCP/8008
FortiClient Portal TCP/8009
Policy Override Keepalive TCP/1000, TCP/1003
SSL VPN TCP/10443
3rd-Party Servers FSSO TCP/8000

 

Outgoing Ports
Purpose Protocol/Port
FortiAnalyzer Syslog, OFTP, Registration, Quarantine, Log & Report TCP/514
FortiAuthenticator LDAP, PKI Authentication TCP or UDP/389
FortiCloud Registration, Quarantine, Log & Report, Syslog TCP/443
OFTP TCP/514
Management TCP/541
Contract Validation TCP/10151
FortiGate HA Heartbeat TCP/703, TCP/23, or ETH Layer 2/8890
FortiGuard AV/IPS Update TCP/443, TCP/8890
Cloud App DB TCP/9582
FortiGuard Queries UDP/53, UDP/8888
DNS UDP/53, UDP/8888
Registration TCP/80
Alert Email, Virus Sample TCP/25
Management, Firmware, SMS, FTM, Licensing, Policy Override TCP/443
Central Management, Analysis TCP/541
FortiManager Management TCP/541
IPv6 TCP/542
Log & Report TCP or UDP/514
Secure SNMP UDP/161, UDP/162
FortiGuard Queries TCP/8890, UDP/53
FortiSandbox OFTP TCP/514
note icon Note that, while a proxy is configured, FortiGate uses the following URLs to access the FortiGuard Distribution Network (FDN):
  • update.fortiguard.net
  • service.fortiguard.net
  • support.fortinet.com