Outgoing Ports
The following table identifies the outgoing ports for FortiAuthenticator and how the ports interact with other products:
Product |
Purpose |
Protocol and Port |
---|---|---|
FortiAuthenticator
|
(HA) HA heartbeat |
UDP/720 |
(LB secondary) LB secondary sync |
UDP/721, UDP/1194 |
|
FSSO tiered architecture |
TCP/8003 |
|
FortiGate
|
Policy Authentication through Captive Portal |
TCP/1000 |
RADIUS disconnect |
TCP/1700 |
|
FortiGuard
|
FortiToken hardware seed retrieval | TCP/443 |
FortiToken Mobile activation, provisioning, and transfer | TCP/443 | |
FortiToken Cloud communication | TCP/8686 | |
FortiGuard SMS | TCP/443 | |
FortiToken Mobile push proxy service (FAC 6.1.1 and later) | TCP/443 | |
FortiToken Mobile Apple push servers (FAC 6.1.0 and earlier) | TCP/5223, TCP/2195, TCP/2196 | |
FortiToken Mobile Google push servers (FAC 6.1.0 and earlier) | TCP/443 | |
3rd-Party Servers
|
SMTP |
TCP/25 |
DNS |
UDP/53 |
|
Windows AD |
TCP/88 |
|
NTP |
UDP/123 |
|
LDAP |
TCP/389, TCP/3268 |
|
Domain Control |
TCP/445 |
|
LDAPS |
TCP/636, TCP/3269 |
|
FSSO tiered architecture |
TCP/5003 |
|
FTP/SFTP configuration and logs backup |
TCP/21, TCP/22 |
|
SMS HTTP/HTTPS gateways |
TCP/80, TCP/443 |
|
OAuth |
TCP/443 |
|
CRL download |
TCP/80, TCP/443 |
|
FortiNAC |
FSSO |
TCP/8000 |
FortiAnalyzer |
Logging |
UDP/514 |