Submit Search

FortiGate open ports

Incoming ports
Purpose		Protocol/Port
FortiAP-S	Syslog, OFTP, Registration, Quarantine, Log & Report	TCP/443
FortiAP-S	CAPWAP	UDP/5246, UDP/5247
FortiAuthenticator	RADIUS	UDP/1812
FortiAuthenticator	FSSO	TCP/8000
FortiGate	HA Heartbeat	ETH Layer 0x8890, 0x8891, and 0x8893
FortiGate	HA Synchronization	TCP/703, UDP/703
FortiGuard	Management	TCP/541
FortiGuard	AV/IPS	UDP/9443
FortiManager	AV/IPS Push	UDP/9443
	SSH CLI Management	TCP/22
	Management	TCP/541
	SNMP Poll	UDP/161, UDP/162
	FortiGuard Queries	TCP/443
FortiPortal	API communications (FortiOS REST API, used for Wireless Analytics)	TCP/443
Others	Web Admin	TCP/80, TCP/443
	FSSO	TCP/8000
	Policy Override Authentication	TCP/443, TCP/8008, TCP/8010
	FortiClient Portal	TCP/8009
	Policy Override Keepalive	TCP/1000, TCP/1003
	SSL VPN	TCP/10443
3rd-Party Servers	FSSO	TCP/8000

Outgoing ports
Purpose		Protocol/Port
FortiAnalyzer	Syslog, OFTP, Registration, Quarantine, Log & Report	TCP/514
FortiAuthenticator	LDAP, PKI Authentication	TCP or UDP/389
FortiCloud	Registration, Quarantine, Log & Report, Syslog	TCP/443
	OFTP	TCP/514
	Management	TCP/541
	Contract Validation	TCP/443
FortiGate	HA Heartbeat	ETH Layer 0x8890, 0x8891, and 0x8893
FortiGate	HA Synchronization	TCP/703, UDP/703
FortiGuard	AV/IPS Update	TCP/443, TCP/8890
	Cloud App DB	TCP/9582
	FortiGuard Queries	UDP/53, UDP/8888
	DNS	UDP/53, UDP/8888
	Registration	TCP/80
	Alert Email, Virus Sample	TCP/25
	Management, Firmware, SMS, FTM, Licensing, Policy Override	TCP/443
	Central Management, Analysis	TCP/541
FortiManager	Management	TCP/541
	IPv6 FGFM connection	TCP/542
	Log & Report	TCP or UDP/514
	Secure SNMP	UDP/161, UDP/162
	FortiGuard Queries	TCP/8890, UDP/53
FortiSandbox	OFTP	TCP/514

Note that, while a proxy is configured, FortiGate uses the following URLs to access the FortiGuard Distribution Network (FDN):