Fortinet black logo

Outgoing Ports

6.4.0
Copy Link
Copy Doc ID d42666a5-eb01-11eb-97f7-00505692583a:333971
Download PDF

Outgoing Ports

The following table identifies the outgoing ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB secondary) LB secondary sync

UDP/721, UDP/1194

FSSO tiered architecture

TCP/8003

FortiGate

Policy Authentication through Captive Portal

TCP/1000

RADIUS disconnect

TCP/1700

FortiGuard

FortiToken hardware seed retrieval TCP/443
FortiToken Mobile activation, provisioning, and transfer TCP/443
FortiToken Cloud communication TCP/8686
FortiGuard SMS TCP/443
FortiToken Mobile push proxy service (FAC 6.1.1 and later) TCP/443
FortiToken Mobile Apple push servers (FAC 6.1.0 and earlier) TCP/5223, TCP/2195, TCP/2196
FortiToken Mobile Google push servers (FAC 6.1.0 and earlier) TCP/443

3rd-Party Servers

SMTP

TCP/25

DNS

UDP/53

Windows AD

TCP/88

NTP

UDP/123

LDAP

TCP/389, TCP/3268

Domain Control

TCP/445

LDAPS

TCP/636, TCP/3269

FSSO tiered architecture

TCP/5003

FTP/SFTP configuration and logs backup

TCP/21, TCP/22

SMS HTTP/HTTPS gateways

TCP/80, TCP/443

OAuth

TCP/443

CRL download

TCP/80, TCP/443

FortiNAC

FSSO

TCP/8000

FortiAnalyzer

Logging

UDP/514

Outgoing Ports

The following table identifies the outgoing ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB secondary) LB secondary sync

UDP/721, UDP/1194

FSSO tiered architecture

TCP/8003

FortiGate

Policy Authentication through Captive Portal

TCP/1000

RADIUS disconnect

TCP/1700

FortiGuard

FortiToken hardware seed retrieval TCP/443
FortiToken Mobile activation, provisioning, and transfer TCP/443
FortiToken Cloud communication TCP/8686
FortiGuard SMS TCP/443
FortiToken Mobile push proxy service (FAC 6.1.1 and later) TCP/443
FortiToken Mobile Apple push servers (FAC 6.1.0 and earlier) TCP/5223, TCP/2195, TCP/2196
FortiToken Mobile Google push servers (FAC 6.1.0 and earlier) TCP/443

3rd-Party Servers

SMTP

TCP/25

DNS

UDP/53

Windows AD

TCP/88

NTP

UDP/123

LDAP

TCP/389, TCP/3268

Domain Control

TCP/445

LDAPS

TCP/636, TCP/3269

FSSO tiered architecture

TCP/5003

FTP/SFTP configuration and logs backup

TCP/21, TCP/22

SMS HTTP/HTTPS gateways

TCP/80, TCP/443

OAuth

TCP/443

CRL download

TCP/80, TCP/443

FortiNAC

FSSO

TCP/8000

FortiAnalyzer

Logging

UDP/514