Incoming ports
Purpose |
Protocol/Port | |
---|---|---|
FortiAuthenticator | Policy Authentication through Captive Portal | TCP/1000 |
RADIUS disconnect | TCP/1700 | |
FortiClient | Remote IPsec VPN access | UDP/IKE 500, ESP (IP 50), NAT-T 4500 |
Remote SSL VPN access | TCP/443 | |
SSO Mobility Agent, FSSO | TCP/8001 | |
Compliance and Security Fabric | TCP/8013 (by default; this port can be customized) | |
FortiProxy | HA Heartbeat | ETH Layer 0x8890, 0x8891, and 0x8893 |
HA Synchronization | TCP/703, UDP/703 | |
Unicast Heartbeat for Azure | UDP/730 | |
DNS for Azure | UDP/53 | |
WAN optimization tunnels | TCP/7810 | |
FortiGuard | Management | TCP/541 |
AV/IPS | UDP/9443 | |
FortiManager | AV/IPS Push | UDP/9443 |
IPv4 FGFM management | TCP/541 | |
IPv6 FGFM management | TCP/542 | |
3rd-Party Servers | FSSO | TCP/8001 (by default; this port can be customized) |
Others | Web Admin | TCP/80, TCP/443 |
Policy Override Authentication | TCP/443, TCP/8008, TCP/8010 | |
Policy Override Keepalive | TCP/1000, TCP/1003 | |
SSL VPN | TCP/443 |