Fortinet black logo

Incoming ports

6.2.0
Copy Link
Copy Doc ID c8afa3de-5b0c-11e9-81a4-00505692583a:189421
Download PDF

Incoming ports

The following table identifies ports for traffic that can be received by FortiManager and FortiAnalyzer units. The table excludes the incoming ports used between FortiManager and FortiGuard. For information about incoming ports used between FortiManager and FortiGuard, see FortiManager and FortiGuard.

Incoming Port Purpose Port(s)

Ping

ICMP protocol

SSH administrative access to the CLI

TCP/22

Telnet administrative access to the CLI

TCP/23

HTTP administrative access to the GUI

TCP/80

HTTPS administrative access to the GUI

TCP/443

Receive logs from FortiGate and FortiClient

Synchronize log database between FortiAnalyzer HA units

TCP/514

FortiManager listens for requests from FortiGate to set up central management (FGFM tunnel requests for IPv4)

TCP/541 (IPv4)

TCP/542 (IPv6)

Log aggregation server (requires FortiManager 800 series or higher models).

TCP/3000

FortiManager high-availability (HA) and configuration synchronization

TCP/5199

Web Service

TCP/8080

SNMP query

UDP/161

Syslog, log forwarding

Log forwarding uses the OFTPD protocol.

UDP/514

If reliable logging is enabled, TCP/514 is used.

EMS for Chromebooks logging

TCP/8443

WebFilter queries, AV & IPS updates, when FortiManager is operating as a FortiGuard override server for FortiGate

UDP/53, UDP/8888

TCP/80, TCP/8888

Antispam, when FortiManager is operating as a FortiGuard override server for FortiGate

TCP/8889

UDP/8889

Registration for license validation and UTM updates (AV, IPS), when FortiManager is operating as a FortiGuard override server for FortiGate

TCP/443, TCP/8890

Incoming ports

The following table identifies ports for traffic that can be received by FortiManager and FortiAnalyzer units. The table excludes the incoming ports used between FortiManager and FortiGuard. For information about incoming ports used between FortiManager and FortiGuard, see FortiManager and FortiGuard.

Incoming Port Purpose Port(s)

Ping

ICMP protocol

SSH administrative access to the CLI

TCP/22

Telnet administrative access to the CLI

TCP/23

HTTP administrative access to the GUI

TCP/80

HTTPS administrative access to the GUI

TCP/443

Receive logs from FortiGate and FortiClient

Synchronize log database between FortiAnalyzer HA units

TCP/514

FortiManager listens for requests from FortiGate to set up central management (FGFM tunnel requests for IPv4)

TCP/541 (IPv4)

TCP/542 (IPv6)

Log aggregation server (requires FortiManager 800 series or higher models).

TCP/3000

FortiManager high-availability (HA) and configuration synchronization

TCP/5199

Web Service

TCP/8080

SNMP query

UDP/161

Syslog, log forwarding

Log forwarding uses the OFTPD protocol.

UDP/514

If reliable logging is enabled, TCP/514 is used.

EMS for Chromebooks logging

TCP/8443

WebFilter queries, AV & IPS updates, when FortiManager is operating as a FortiGuard override server for FortiGate

UDP/53, UDP/8888

TCP/80, TCP/8888

Antispam, when FortiManager is operating as a FortiGuard override server for FortiGate

TCP/8889

UDP/8889

Registration for license validation and UTM updates (AV, IPS), when FortiManager is operating as a FortiGuard override server for FortiGate

TCP/443, TCP/8890