FortiManager open ports
| Incoming ports | ||
|---|---|---|
| Purpose | Protocol/Port | |
| FortiGate | Management | TCP/541 |
| IPv6 FGFM connection | TCP/542 | |
| Log & Report | TCP or UDP/514 | |
| FortiGuard Queries | TCP/8890, UDP/53 | |
| FortiClient | Select a FortiManager to be used for FortiClient signature updates | TCP/80 (by default; this port can be customized) |
| Send logs to FortiManager (FortiClient must connect to FortiGate or EMS to send logs to FortiManager) | TCP/514 | |
| FortiGuard | AV/IPS | UDP/9443 |
| FortiMail | Registration | UDP/9443 |
| AV/AS Query | ||
| FortiManager | FortiClient Manager | TCP/6028 |
| FortiPortal | API communications (JSON and XML APIs respectively) | TCP/443, TCP/8080 |
| Others | SSH CLI Management | TCP/22 |
| Telnet CLI Management | TCP/23 | |
| Web Admin | TCP/80, TCP/443 | |
| Outgoing ports | ||
|---|---|---|
| Purpose | Protocol/Port | |
| FortiAnalyzer | Syslog & OFTP | TCP/514, UDP/514 |
| Registration | TCP/541 | |
| FortiGate | AV/IPS Push | UDP/9443 |
| SSH CLI Management | TCP/22 | |
| Management | TCP/541 | |
| FortiGuard | AV/IPS Updates, URL/AS Update, Firmware, SMS, FTM, Licensing, Policy Override Authentication, Registration | TCP/443 |
| FortiClient udpates | TCP/80 | |
| FortiMail | AV Push | |
| FortiManager | FortiClient Manager | TCP/6028 |
| 3rd-Party Servers | DNS | UDP/53 |
| NTP | UDP/123 | |
| Proxied HTTPS Traffic | TCP/443 | |
| RADIUS | UDP/1812 | |
|
Note that, while a proxy is configured, FortiManager uses the following URLs to access the FortiGuard Distribution Network (FDN) for the following updates:
|
Copyright © 2022 Fortinet, Inc. All Rights Reserved. | Terms of Service | Privacy Policy
