Fortinet Document Library

Version:


Table of Contents

6.4.0
Download PDF
Copy Link

Incoming Ports

The following table identifies the incoming ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

 

 

 

Load-balancing HA secondary

UDP/721, UDP/1194

Redundant HA cluster

UDP/720

FSSO tiered architecture

TCP/8003

FortiGate

 

 

 

 

 

 

 

 

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

FSSO

TCP/8000

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

CRL download

TCP/80

External captive portal

TCP/443

TACACS+

TCP/49

FortiClient

SSO Mobility Agent, FSSO

TCP/8001 (by default; this port can be customized)

FortiToken Mobile

 

Push approve/deny

TCP/443

FTM device transfer

TCP/443

Others

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389, TCP/3268

LDAPS

TCP/636, TCP/3269

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

Syslog

UDP/514

SAML

TCP/443

OAuth

TCP/443

TACACS+

TCP/49

RADSEC

TCP/2083

3rd-Party Servers

 

FSSO DC/TS agents

TCP/8002

FortiAuthenticator Windows/OWA agent

TCP/443

Incoming Ports

The following table identifies the incoming ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

 

 

 

Load-balancing HA secondary

UDP/721, UDP/1194

Redundant HA cluster

UDP/720

FSSO tiered architecture

TCP/8003

FortiGate

 

 

 

 

 

 

 

 

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

FSSO

TCP/8000

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

CRL download

TCP/80

External captive portal

TCP/443

TACACS+

TCP/49

FortiClient

SSO Mobility Agent, FSSO

TCP/8001 (by default; this port can be customized)

FortiToken Mobile

 

Push approve/deny

TCP/443

FTM device transfer

TCP/443

Others

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389, TCP/3268

LDAPS

TCP/636, TCP/3269

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

Syslog

UDP/514

SAML

TCP/443

OAuth

TCP/443

TACACS+

TCP/49

RADSEC

TCP/2083

3rd-Party Servers

 

FSSO DC/TS agents

TCP/8002

FortiAuthenticator Windows/OWA agent

TCP/443