Fortinet Document Library

Version:


Table of Contents

AWS Administration Guide

7.0.0
Download PDF
Copy Link

Opening ports in the security group

By default, when you deploy FortiGate-VM, there is a predefined security group that you can select based on Fortinet's recommendation. The following ports are allowed in the predefined security group assuming immediate and near-future needs.

 

Protocol/ports

Purpose

Incoming

TCP 22

SSH

 

TCP 80

HTTP

 

TCP 443

HTTPS, management GUI access to the FortiGate-VM

 

TCP 541

Management by FortiManager located outside AWS

 

TCP 3000

Not immediately required, but typically used for incoming access to web servers, and so on

 

TCP 8080

Outgoing

Any

 

FortiGate-specific open ports are explained in Fortinet Communication Ports and Protocols.

To configure bare-minimum access that gives the most strict incoming access, allow only TCP 443 to access the FortiGate-VM GUI console as mentioned in Connecting to the FortiGate-VM and close all other ports. You may want to allow ICMP for pinging, and so on, as needed.

Opening ports in the security group

By default, when you deploy FortiGate-VM, there is a predefined security group that you can select based on Fortinet's recommendation. The following ports are allowed in the predefined security group assuming immediate and near-future needs.

 

Protocol/ports

Purpose

Incoming

TCP 22

SSH

 

TCP 80

HTTP

 

TCP 443

HTTPS, management GUI access to the FortiGate-VM

 

TCP 541

Management by FortiManager located outside AWS

 

TCP 3000

Not immediately required, but typically used for incoming access to web servers, and so on

 

TCP 8080

Outgoing

Any

 

FortiGate-specific open ports are explained in Fortinet Communication Ports and Protocols.

To configure bare-minimum access that gives the most strict incoming access, allow only TCP 443 to access the FortiGate-VM GUI console as mentioned in Connecting to the FortiGate-VM and close all other ports. You may want to allow ICMP for pinging, and so on, as needed.