Incoming ports
The following table identifies the incoming ports for FortiManager and how the ports interact with other products:
|
Product |
Purpose |
Protocol and Port |
|---|---|---|
|
FortiGate
|
IPv4 FGFM management |
TCP/541 |
|
IPv6 FGFM management |
TCP/542 |
|
|
WebFilter queries, AV & IPS updates* |
UDP/53, UDP/8888 |
|
|
TCP/80, TCP/8888 |
||
|
Antispam* |
TCP/8889 |
|
|
UDP/8889 |
||
|
FortiGuard Web Filter and Email Filter* |
TCP/8900 |
|
|
Registration for license validation and UTM updates (AV, IPS)* |
TCP/8890, TCP/443 |
|
|
Logging (all Fortinet products) |
OFTP |
TCP/514 |
|
FortiManager |
HA |
TCP/5199 |
|
Log aggregation server (requires FortiManager 800 series or higher) |
TCP/300 |
|
|
File query/AntiVirus query service |
TCP/8902 |
|
|
GeoIP service |
TCP/8903 |
|
|
Non-Fortinet products |
Syslog |
UDP/514, TCP/514 |
|
Chromebook |
Logging |
TCP/8443 |
|
Management |
Ping |
ICMP |
|
SSH |
TCP/22 |
|
|
HTTP |
TCP/80 |
|
|
HTTPS |
TCP/443 |
|
|
Web Service (API calls, JSON and XML respectively) |
TCP/443, TCP/8080 |
|
|
SNMP query |
UDP/161 |
|
|
FortiGuard |
AV and IPS push updates |
UDP/9443 |
|
FortiClient |
FortiGuard Web Filter and Email Filter* |
TCP/8901 |
* Applies only when FortiManager is acting as a local FortiGuard server.
