Upstream Firewall Rules for Cloud Communication
This section describes the ports and protocols to be permitted through the firewall to secure communication with FortiLAN Cloud.
Note: Ensure that the FortiLAN Cloud managed devices can reach port 53 of a DNS server to resolve the hostnames of FortilAN Cloud servers.
FortiLAN Cloud
|
Service Type |
Description |
FQDN |
Port |
Protocol |
Used By |
|---|---|---|---|---|---|
| FortiLAN Cloud User Interface/API | Portal |
https://fortilan.forticloud.com/ https://us.fortilan.forticloud.com/ https://eu.fortilan.forticloud.com/ https://jp.fortilan.forticloud.com/ |
443 | HTTPS/TCP | FortiLAN Cloud user/network administrator |
| Login Manager |
https://login.fortilan.forticloud.com/
|
443 | HTTPS/TCP | FortiLAN Cloud user/network administrator |
FortiAP Portal
|
Service Type |
Description |
FQDN |
Port |
Protocol |
Used By |
|---|---|---|---|---|---|
| Dispatcher |
Dispatcher |
Apctrl1.forticloud.com Apctrl1.fortinet.com |
443 | HTTPS/TCP | FortiAP |
| FortiLAN Cloud User Interface/API/ UTM Logs and Device Tunnel
|
Global Domain |
https://apportal*-*.fortilan.forticloud.com/ https://apportal*-*.fortilan.forticloud.com/ https://apportal*-*.fortilan.forticloud.com/ https://apportal*-*.fortilan.forticloud.com/ https://apportal*-*.fortilan.forticloud.com/
The following is an example FQDN sampling *-* (1 - 9). https://apportal003-1.fortilan.forticloud.com/ |
TCP 443/514/8443 UDP 5246/5247 |
TCP and UDP |
|
|
Europe Domain |
https://eu.apportal*-*.fortilan.forticloud.com/ https://eu.apportal*-*.fortilan.forticloud.com/ https://eu.apportal*-*.fortilan.forticloud.com/
The following is an example FQDN sampling *-* (1 - 9). https://eu.apportal003-1.fortilan.forticloud.com/ |
TCP 443/514/8443 UDP 5246/5247 |
TCP and UDP |
|
|
|
Japan/APAC Domain |
https://jp.apportal*-*.fortilan.forticloud.com/
The following is an example FQDN sampling *-* (1 - 9). https://jp.apportal003-1.fortilan.forticloud.com/ |
TCP 443/514/8443 UDP 5246/5247 |
TCP and UDP |
|
|
|
USA Domain |
https://us.apportal*-*.fortilan.forticloud.com/
The following is an example FQDN sampling *-* (1 - 9). https://us.apportal003-1.fortilan.forticloud.com/ |
TCP 443/514/8443 UDP 5246/5247 |
TCP and UDP |
|
FortiSwitch Portal
|
Service Type |
Description |
FQDN |
Port |
Protocol |
Used By |
|---|---|---|---|---|---|
| Dispatcher |
|
Fortiswitch-dispatch.forticloud.com | 443 | TCP | FortiSwitch |
| Device Tunnel |
Global Domain |
fortiswitch-sockstunnel.forticloud.com |
8443/443 |
TCP | FortiSwitch |
|
Europe Domain |
eu.fortiswitch-sockstunnel.forticloud.com |
8443/443 |
TCP | FortiSwitch | |
|
Japan/APAC Domain |
jp.fortiswitch-sockstunnel.forticloud.com |
8443/443 |
TCP | FortiSwitch | |
|
USA Domain |
us.fortiswitch-sockstunnel.forticloud.com |
8443/443 |
TCP |
FortiSwitch |
CSV Version
FortiLAN Cloud
Service Type,Description,FQDN,Port,Protocol,Used By
FortiLAN Cloud User Interface/API,Portal,https://fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
FortiLAN Cloud User Interface/API,Portal,https://us.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
FortiLAN Cloud User Interface/API,Portal,https://eu.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
FortiLAN Cloud User Interface/API,Portal,https://jp.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
Login Manager,,https://login.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
Login Manager,,https://us.login.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
Login Manager,,https://eu.login.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
Login Manager,,https://jp.login.fortilan.forticloud.com/,443,HTTPS/TCP,FortiLAN Cloud user/network administrator
FortiLAN Cloud - Network Portal - FortiAP Management
Service Type,Description,FQDN,Port,Protocol,Used By
Dispatcher,Dispatcher,Apctrl1.forticloud.com,443,HTTPS/TCP,FortiAP
Dispatcher,Dispatcher,Apctrl1.fortinet.com,443,HTTPS/TCP,FortiAP
FortiLAN Cloud User Interface/API/UTM Logs and Device Tunnel,Global Domain,https://apportal*-*.fortilan.forticloud.com/,TCP 443/514/8443 & UDP 5246/5247,TCP and UDP,FortiLAN Cloud user/network administrator/FortiAP
FortiLAN Cloud User Interface/API/UTM Logs and Device Tunnel,Europe Domain,https://eu.apportal*-*.fortilan.forticloud.com/,TCP 443/514/8443 & UDP 5246/5247,TCP and UDP,FortiLAN Cloud user/network administrator/FortiAP
FortiLAN Cloud User Interface/API/UTM Logs and Device Tunnel,Japan/APAC Domain,https://jp.apportal*-*.fortilan.forticloud.com/,TCP 443/514/8443 & UDP 5246/5247,TCP and UDP,FortiLAN Cloud user/network administrator/FortiAP
FortiLAN Cloud User Interface/API/UTM Logs and Device Tunnel,USA Domain,https://us.apportal*-*.fortilan.forticloud.com/,TCP 443/514/8443 & UDP 5246/5247,TCP and UDP,FortiLAN Cloud user/network administrator/FortiAP
FortiLAN Cloud - Network Portal - FortiSwitch Management
Service Type,Description,FQDN,Port,Protocol,Used By
Dispatcher,,fortiswitch-dispatch.forticloud.com,443,TCP,FortiSwitch
Device Tunnel,Global Domain,fortiswitch-sockstunnel.forticloud.com,8443/443,TCP,FortiSwitch
Device Tunnel,Europe Domain,eu.fortiswitch-sockstunnel.forticloud.com,8443/443,TCP,FortiSwitch
Device Tunnel,Japan/APAC Domain,jp.fortiswitch-sockstunnel.forticloud.com,8443/443,TCP,FortiSwitch
Device Tunnel,USA Domain,us.fortiswitch-sockstunnel.forticloud.com,8443/443,TCP,FortiSwitch