Fortinet white logo
Fortinet white logo

Protocol components

Protocol components

The fgfm protocol runs over SSL (Secure Sockets Layer) using TCP/541 for IPv4. FortiManager also supports IPv6 over TCP/542. This document assumes use of IPv4 over TCP/541 for its examples.

Both FortiGate and FortiManager units have a fgfm daemon running exclusively for FortiGate to FortiManager communication. The FortiManager unit listens on TCP port 541 for an incoming session request. The FortiGate unit establishes an SSL session with the FortiManager. Both units use TCP port 541 for sending and receiving messages.

The fgfm daemon handles all FortiGate to FortiManager (and vice versa) authentication, keep-alive messages and actions resulting from them (such as instructing another daemon on a FortiGate device to update its configuration or various database files).

Protocol components

Protocol components

The fgfm protocol runs over SSL (Secure Sockets Layer) using TCP/541 for IPv4. FortiManager also supports IPv6 over TCP/542. This document assumes use of IPv4 over TCP/541 for its examples.

Both FortiGate and FortiManager units have a fgfm daemon running exclusively for FortiGate to FortiManager communication. The FortiManager unit listens on TCP port 541 for an incoming session request. The FortiGate unit establishes an SSL session with the FortiManager. Both units use TCP port 541 for sending and receiving messages.

The fgfm daemon handles all FortiGate to FortiManager (and vice versa) authentication, keep-alive messages and actions resulting from them (such as instructing another daemon on a FortiGate device to update its configuration or various database files).