Fortinet white logo
Fortinet white logo

Administration Guide

Default port information

Default port information

FortiDeceptor treats Port1 as reserved for device management. The other ports are used to deploy deception decoys.

The following table list the default open ports for each FortiDeceptor interface.

FortiDeceptor default ports:
  • Configure the FortiDeceptor management IP address on port1.
  • Port (Interface)

    Default Open Ports

    Port1

    TCP ports 22 (SSH) and 443 (GUI).

    FortiGuard Distribution Servers (FDS) use TCP port 443 or 8890 for download. FortiDeceptor uses a random port picked by the kernel.

    FortiGuard Web Filtering servers use TCP port 443 or UDP port 53 or 8888. FortiDeceptor uses a random port picked up by the kernel.

    FortiDeceptor deception VM download uses TCP port 443 for download. FortiDeceptor uses a random port picked by the kernel.

    FortiDeceptor Manager is required to open port 8443 from the client (remote appliance) to the FortiDeceptor Manager.

    FortiDeceptor Manager is required to have access to virustotal.com over port 443 for malware analysis based on MD5 request.

    Port2 to port8

    Each FortiDeceptor port can be directly connected to a specific VLAN or use the network trunk to communicate with multiple VLANs from a single interface.

    In DMZ mode, no service listens. In regular mode, the token communication service listens on the deployment network. The token communication uses HTTPS protocol.

    Note

    The default port for FortiDeceptor VM is 443. To add SSH or another port, go to Network >Interfaces > port1> Edit.

    Default port information

    Default port information

    FortiDeceptor treats Port1 as reserved for device management. The other ports are used to deploy deception decoys.

    The following table list the default open ports for each FortiDeceptor interface.

    FortiDeceptor default ports:
  • Configure the FortiDeceptor management IP address on port1.
  • Port (Interface)

    Default Open Ports

    Port1

    TCP ports 22 (SSH) and 443 (GUI).

    FortiGuard Distribution Servers (FDS) use TCP port 443 or 8890 for download. FortiDeceptor uses a random port picked by the kernel.

    FortiGuard Web Filtering servers use TCP port 443 or UDP port 53 or 8888. FortiDeceptor uses a random port picked up by the kernel.

    FortiDeceptor deception VM download uses TCP port 443 for download. FortiDeceptor uses a random port picked by the kernel.

    FortiDeceptor Manager is required to open port 8443 from the client (remote appliance) to the FortiDeceptor Manager.

    FortiDeceptor Manager is required to have access to virustotal.com over port 443 for malware analysis based on MD5 request.

    Port2 to port8

    Each FortiDeceptor port can be directly connected to a specific VLAN or use the network trunk to communicate with multiple VLANs from a single interface.

    In DMZ mode, no service listens. In regular mode, the token communication service listens on the deployment network. The token communication uses HTTPS protocol.

    Note

    The default port for FortiDeceptor VM is 443. To add SSH or another port, go to Network >Interfaces > port1> Edit.