Default port information
FortiDeceptor treats Port1 as reserved for device management. The other ports are used to deploy deception decoys.
The following table list the default open ports for each FortiDeceptor interface.
FortiDeceptor default ports:
Port (Interface) |
Default Open Ports |
---|---|
Port1 |
TCP ports 22 (SSH), 23 (Telnet), 80 and 443 (GUI). FortiGuard Distribution Servers (FDS) use TCP port 443 or 8890 for download. FortiDeceptor uses a random port picked by the kernel. FortiGuard Web Filtering servers use TCP port 443 or UDP port 53 or 8888. FortiDeceptor uses a random port picked up by the kernel. FortiDeceptor deception VM download uses TCP port 443 for download. FortiDeceptor uses a random port picked by the kernel. FortiDeceptor Manager is required to open port 8443 from the client (remote appliance) to the FortiDeceptor Manager. FortiDeceptor Manager is required to have access to virustotal.com over port 443 for malware analysis based on MD5 request. |
Port2 to port8 |
Each FortiDeceptor port can be directly connected to a specific VLAN or use the network trunk to communicate with multiple VLANs from a single interface. In DMZ mode, no service listens. In regular mode, token communication service listens on deployment interface monitor IP with port 1443. The token communication uses HTTPS protocol. |
The default port for FortiDeceptor VM is 443. To add HTTP, SSH, Telnet or another port, go to Network >Interfaces > port1> Edit. |