Fortinet black logo

FortiAuthenticator open ports

6.0.0
Copy Link
Copy Doc ID ea42bedb-a99b-11e9-81a4-00505692583a:176524
Download PDF
FortiClient Open Ports FortiGate Open Ports 3rd-Party Servers Open Ports 3rd-Party Servers Open Ports FortiGuard Open Ports FortiGate Open Ports

FortiAuthenticator open ports

Incoming ports
Purpose Protocol/Port
FortiAuthenticator Load-balancing HA secondary

UDP/721, UDP/1194

Redundant HA cluster UDP/720
FortiClient SSO Mobility Agent, FSSO TCP/8001 (by default; this port can be customized)
FortiGate LDAP, PKI Authentication TCP or UDP/389
RADIUS UDP/1812
FSSO TCP/8000
RADIUS Accounting UDP/1813, UDP/1646
SCEP TCP/80, TCP/443

FortiToken Push

Apple Push Notification (APN) service

TCP/5223, TCP/2195, TCP/2196

Activation and fallback

TCP/443

Others SSH CLI TCP/22
Telnet TCP/23
HTTP & SCEP TCP/80
SNMP Poll UDP/161
Web Admin TCP/80, TCP/443
LDAP TCP/389
LDAPS TCP/636
RADIUS UDP/1812, UDP/1813
OCSP TCP/2560
3rd-Party Servers FSSO & Tiers TCP/8002, TCP/8003

Outgoing ports
Purpose Protocol/Port
FortiAuthenticator (HA) HA heartbeat UDP/720
(LB secondary) LB secondary sync UDP/721, UDP/1194
FortiGate Policy Authentication through Captive Portal TCP/1000
FortiGuard AV/IPS Updates TCP/443
Virus Sample TCP/25
SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates TCP/443
Registration TCP/80
3rd-Party Servers SMTP, Alerts, Virus Sample TCP/25
DNS UDP/53
Windows AD TCP/88
NTP UDP/123
LDAP TCP or UDP389
Domain Control TCP/445
LDAPS TCP/636
FSSO & Tiers TCP/8002, TCP/8003
FortiClient Open Ports FortiGate Open Ports 3rd-Party Servers Open Ports 3rd-Party Servers Open Ports FortiGuard Open Ports FortiGate Open Ports

FortiAuthenticator open ports

Incoming ports
Purpose Protocol/Port
FortiAuthenticator Load-balancing HA secondary

UDP/721, UDP/1194

Redundant HA cluster UDP/720
FortiClient SSO Mobility Agent, FSSO TCP/8001 (by default; this port can be customized)
FortiGate LDAP, PKI Authentication TCP or UDP/389
RADIUS UDP/1812
FSSO TCP/8000
RADIUS Accounting UDP/1813, UDP/1646
SCEP TCP/80, TCP/443

FortiToken Push

Apple Push Notification (APN) service

TCP/5223, TCP/2195, TCP/2196

Activation and fallback

TCP/443

Others SSH CLI TCP/22
Telnet TCP/23
HTTP & SCEP TCP/80
SNMP Poll UDP/161
Web Admin TCP/80, TCP/443
LDAP TCP/389
LDAPS TCP/636
RADIUS UDP/1812, UDP/1813
OCSP TCP/2560
3rd-Party Servers FSSO & Tiers TCP/8002, TCP/8003

Outgoing ports
Purpose Protocol/Port
FortiAuthenticator (HA) HA heartbeat UDP/720
(LB secondary) LB secondary sync UDP/721, UDP/1194
FortiGate Policy Authentication through Captive Portal TCP/1000
FortiGuard AV/IPS Updates TCP/443
Virus Sample TCP/25
SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates TCP/443
Registration TCP/80
3rd-Party Servers SMTP, Alerts, Virus Sample TCP/25
DNS UDP/53
Windows AD TCP/88
NTP UDP/123
LDAP TCP or UDP389
Domain Control TCP/445
LDAPS TCP/636
FSSO & Tiers TCP/8002, TCP/8003