Fortinet black logo

AWS Administration Guide

Opening ports in the security group

Copy Link
Copy Doc ID 9e3b59dc-ba0b-11e9-a989-00505692583a:228062
Download PDF

Opening ports in the security group

By default, when you deploy FortiGate-VM, there is a predefined security group that you can select based on Fortinet's recommendation. The following ports are allowed in the predefined security group assuming immediate and near-future needs.

Protocol/ports

Purpose

Incoming

TCP 22

SSH

TCP 80

HTTP

TCP 443

HTTPS, management GUI access to the FortiGate-VM

TCP 541

Management by FortiManager located outside AWS

TCP 3000

Not immediately required, but typically used for incoming access to web servers, and so on

TCP 8080

Outgoing

Any

FortiGate-specific open ports are explained in Fortinet Communication Ports and Protocols.

To configure bare-minimum access that gives the most strict incoming access, allow only TCP 443 to access the FortiGate-VM GUI console as mentioned in Connecting to the FortiGate-VM and close all other ports. You may want to allow ICMP for pinging, and so on, as needed.

Opening ports in the security group

By default, when you deploy FortiGate-VM, there is a predefined security group that you can select based on Fortinet's recommendation. The following ports are allowed in the predefined security group assuming immediate and near-future needs.

Protocol/ports

Purpose

Incoming

TCP 22

SSH

TCP 80

HTTP

TCP 443

HTTPS, management GUI access to the FortiGate-VM

TCP 541

Management by FortiManager located outside AWS

TCP 3000

Not immediately required, but typically used for incoming access to web servers, and so on

TCP 8080

Outgoing

Any

FortiGate-specific open ports are explained in Fortinet Communication Ports and Protocols.

To configure bare-minimum access that gives the most strict incoming access, allow only TCP 443 to access the FortiGate-VM GUI console as mentioned in Connecting to the FortiGate-VM and close all other ports. You may want to allow ICMP for pinging, and so on, as needed.