-
8/20/2019 FortiGate Open Ports-52
1/9
FortiOS™ Handbook - Open Ports Diagrams
VERSION 5.2.0
-
8/20/2019 FortiGate Open Ports-52
2/9
FORTINET DOCUMENT LIBRARY
http://docs.fortinet.com
FORTINET VIDEO GUIDE
http://video.fortinet.com
FORTINET BLOG
https://blog.fortinet.com
CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com
FORTIGATE COOKBOOK
http://cookbook .fortinet.com
FORTINET TRAINING SERVICES
http://www.fortinet.com/training
FORTIGUARD CENTER
http://www.fortiguard.com
END USER LICENSE AGREEMENT
http://www.fortinet.com/doc/legal/EULA.pdf
FEEDBACK
Email: [email protected]
July-14-15
FortiOS™ Handbook - Open Ports Diagrams
00-30006-0390-20150318
http://docs.fortinet.com/http://cookbook.fortinet.com/mailto:[email protected]://www.fortinet.com/doc/legal/EULA.pdfhttp://www.fortiguard.com/http://training.fortinet.com/http://cookbook.fortinet.com/https://support.fortinet.com/https://blog.fortinet.com/http://video.fortinet.com/http://docs.fortinet.com/
-
8/20/2019 FortiGate Open Ports-52
3/9
FortiGate Open Ports Diagram
FortiGate Open Ports Diagram
3 Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
Management TCP/541
Log Report TCP
or UDP
/514
Secure SNMP UDP/161, UDP/
162
FortiManager I 1 FortiGuard Queries - TCP/
8890
,
UD
P/53
t J
AV/IPS Update TCP/
443
Cloud App
DB
TCP/
9582
(flow.fortinet.net)
FortiGuard Queries
UDP/53 , UDP/8888
DNS UDP/53 , UDP/
8888
Registration - TCP/80
Alert Email, Virus Sample - TCP/25
Management, Firmware, SMS,
TM , Licensing, Policy Override-
TCP/443
FortiAuthenticator ~
I
Listening
LDAP, PKI Auth TCP
orUDP/
389
RADIUS-
TCP/1812
FSSO TCP/
8000
Central Management, Analysis TCP/54 1 _ @
rti uard
Policy Override Auth -
TCP/
443
,
TCP
/
8008
FortiCiient Porta
TCP/8009
Policy Override Keepalive -
TCP/1000, TCP/1003
- 101
o r
tic
loud
Registration, Quarantine,
SSL
VPN
TCP/1 04
43
FortiAnalyzer
I } I
Logs Reports, Syslog TCP/443
OFTP
TCP/514
Management
TCP/54 1
Contract
Validation T
CP
/10151
Syslog, OFTP, Registration,
Quarantine, Log Report TCP/514
IPsec Secure SNMP - UDP/500 ,
UD
P/
4500
-
8/20/2019 FortiGate Open Ports-52
4/9
FortiAnalyzer Open Ports Diagram
FortiAnalyzer Open Ports Diagram
Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
4
Lis
tening
SSH CLI Management - TCP/22
Web
Admin - TCP/80, TCP/443
REST-
TCP/443
DC Polling - TCP/445
Log
Agg
- TCP/3000
MySQL
- TCP/3306
FortiGuard Queries -
UDP/53, UDP/
8888
A
V/
IPS Updates, SM
S
FTM,
Li
ce
ns
ing Poli
cy Ov
er
rid
e, RVS,
URUAS Update - TCP/443
LDAP
PKI Auth - TCP/389, UDP/389
Log Report- TCP/21,
TC
P/22
configuration Backups - TCP/22
Alert
Email
- TCP/25
DNS- UDP/53
NTP - U
DP
/123
SNMP Traps - UDP/162
Report
Query
- TCP/389
Syslog OFTP- TCP or UDP/514
RADIUS - TCP/1812
Syslog OFTP, Registration,
Quarantine, Log Report
TCP/
514
r =; l
Event
Logs-
UDP/5246
Fort
iGuard
0 _ __ IIIo...
@
ortiGuard
Jrd-
Party Servers
Syslog
, OFTP, Registration ,
] Forticloud
FortiAnalyzer
10]
Quarantine , Log
Report-
TCP/514
Event Logs
- UDP/
5246
Syslog OFTP,
Registration
Quarantine, Log Report -TCP/514
Event
Logs- UDP/5246
FortiAP-S Open Ports Diagram
-
8/20/2019 FortiGate Open Ports-52
5/9
FortiAuthenticator Open Ports Diagram
FortiAuthenticator Open Ports Diagram
5 Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
Ustenlng
3rd-Party Servers
FortiGu
ard @
FortiManager
I
@
I
SSH
CLI
-
TCP/22
Telnet -
TCP/23
HTTP SCEP
-
TCP
/80
SNMP Poll- UDP/
161
Web Admin • TCP/80, TCP/443
LDAP -
TCP/389
LDAPS •
TCP
/636
RAD
IU
S - TCP/1812, TCP/1813
OCSP •
TCP
/
2560
SMTP
,
Alert
s, Vi ru s
Samp
le
• TCP/25
DN
S -
UDP/52
Window
s AD - TCP/88
NTP •
UDP/123
LDAP -
TCP or UDP/389
Domain
Co n
t rol • T
CP/445
LDAPS -
TCP/636
FSSO
Tiers • TCP/8002,
TCP/8003
V
Update
Registration - TCP/80
URUAS
Rating, DNS, FON
RADIUS
•
TCP/1812
FSSO
-
TCP/8000
l
AV/
I
PS UPdates
·
TCP/443
Virus Sample -
TC
P/25
SMS,
FTM
, Licensing
Policy override Auth
,
URLIAS
Updates
-
TCP/443
Registration • TCP/80
[ill]
FortiGate
@
ortiGuard
VPN Settings - TCPI8900
Policy override
Auth - TCPI8010
Explicit Proxy
- TCPI8080
rp l11
.
L.. .. .. J
Fort1Gate
FortiGuard Quer
ies-
UDPI53, UDPI8888
FortiGuard Queries - UDPI53,
UDPI8888
- I
;=>
I
ortiAuthenticator
SSO
Mobility Agent-
TCPI8001
FSSO - TCPI8001
FortiClient Open Ports Diagram
-
8/20/2019 FortiGate Open Ports-52
6/9
FortiCloud Open Ports Diagram
FortiCloud Open Ports Diagram
Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
6
~
:::1
Reg i
stration
TCP
/4
43
r:=;
_
..
~
FortiGuard
Management - TCP/541
AV/IPS UDP/9443 rp.l11 .
... ._. _ L.. .. .. J
Fort1Gate
FortiGuard Open Ports Diagram
-
8/20/2019 FortiGate Open Ports-52
7/9
FortiManager Open Ports Diagram
FortiManager Open Ports Diagram
7 Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
Syslog OFTP
TCP
/51 4,
UDP/
514
FortiAnalyzer
10
1
egistration
-
TCP
/541
<
FortiManager I
@
I
l isten
ing
Forti Sandbox
Community Cloud
(TCP/443)
3rd
-Party r v r s
_
UDP
/
53
NTP -
UDP
/123
SNMP Traps -
UDP
/
162
Proxied HTTPS
Traffic - T
CP
/
44
3
RADIUS
T
CP
/1812
SSH
CLI Management TCP/22
Telnet CLI Management - TCP
/23
W
eb
A
dmin
- TCP/
80
,
TC
P/443
OFTP C
ommunication with
FortiGate FortiMail - TCP/514
Upload detected
malware information
FortiSandbox will use a random
port picked
by the
kernel
AV
/IPS
Push
- UOP/
9443
SSH CLI Management - T
CP
/22
Management TCP/541
SNMP Poll - UOP 1 61, UOP/162
FortiGuard Queries - TCP/
443
[J.[] FortiGate
Listening
r;: ;1
FortiGuard
AVS/IPS
Updates
,
URUAS
Update,
\ ; ; )
Firmware
, SMS, FTM, Licensing,
Policy Override
Au
th - TCP/443
Registration
- TCP/80
Fort1Sandbox will use a random
port picked by the
FortiSandbox will use a random
port picked
by
the kernel
FortiGuard Di
stributi
on Servers
(TCP/8890)
CI
FortiGuard Web Filtering Servers
(UDP/53. UDP/8888)
FortiSandbox Open Ports Diagram
-
8/20/2019 FortiGate Open Ports-52
8/9
3rd-Party Servers Open Ports Diagram
3rd-Party Servers Open Ports Diagram
Open Ports Diagrams for FortiOS 5.2
Fortinet Technologies Inc.
8
FSSO iers -
-
8/20/2019 FortiGate Open Ports-52
9/9
Copyright© 2015 Fortinet, Inc. All rights reserved. Fortinet®,
FortiGate®, FortiCare® and FortiGuard®, andc ertain other marks
areregistered trademarks of Fortinet,
Inc., in the U.S. andother jurisdictions, andother Fortinet
names herein may alsobe registered and/or commonlaw trademarks of
Fortinet. All otherproduct or company
names may be trademarks of their respective owners.
Performanceand other metrics contained hereinwere attained in
internallab tests under ideal conditions, and
actualperformance andother results may vary. Network variables,
different network environments and other conditions may aff ect
performance results. Nothing herein
represents any binding commitment by Fortinet, and Fortinet
disclaims allwarranties, whether express or implied, except to the
extent Fortinet enters a binding written
contract, signed by Fortinet’s General Counsel, with a purchaser
that expressly warrants t hat the identifiedproduct willperform
accordingt o certain expressly-identified
performance metrics and, in such event, only the specific
performancemetrics expressly identified in such binding written
contract shall be binding on Fortinet. For
absolute clarity, any such warranty will be limited to
performance in the same ideal conditions as in Fortinet’s internal
labt ests. In no event does Fortinet make any
commitment relatedt o futuredeliverables, f eatures, or
development, and circumstances may change such that any f
orward-looking statements herein arenot accurate.
Fortinet disclaims in full any covenants, representations,and
guarantees pursuant hereto, whetherex press orimplied. Fortinet
reserves the right to change, modify,
transfer, or otherwise reviset his publication without notice,
andt he most current version of the publication shall be
applicable.
