Fortinet black logo

Incoming Ports

6.4.0
Copy Link
Copy Doc ID d42666a5-eb01-11eb-97f7-00505692583a:940947
Download PDF

Incoming Ports

The following table identifies the incoming ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB secondary) LB secondary sync

UDP/721, UDP/1194

FSSO tiered architecture

TCP/8003

FortiGate

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

CRL download

TCP/80

External captive portal

TCP/443

TACACS+

TCP/49

FortiToken Mobile

Push approve/deny

TCP/443

FTM device transfer

TCP/443

Others

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389, TCP/3268

LDAPS

TCP/636, TCP/3269

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

Syslog

UDP/514

SAML

TCP/443

OAuth

TCP/443

TACACS+

TCP/49

RADSEC

TCP/2083

3rd-Party Servers

FortiAuthenticator Windows/OWA Agent

TCP/443

FSSO DC Agent

UDP/8002, TCP/8002

FSSO TS Agent

UDP/8002, TCP/8002

Incoming Ports

The following table identifies the incoming ports for FortiAuthenticator and how the ports interact with other products:

Product

Purpose

Protocol and Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB secondary) LB secondary sync

UDP/721, UDP/1194

FSSO tiered architecture

TCP/8003

FortiGate

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

CRL download

TCP/80

External captive portal

TCP/443

TACACS+

TCP/49

FortiToken Mobile

Push approve/deny

TCP/443

FTM device transfer

TCP/443

Others

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389, TCP/3268

LDAPS

TCP/636, TCP/3269

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

Syslog

UDP/514

SAML

TCP/443

OAuth

TCP/443

TACACS+

TCP/49

RADSEC

TCP/2083

3rd-Party Servers

FortiAuthenticator Windows/OWA Agent

TCP/443

FSSO DC Agent

UDP/8002, TCP/8002

FSSO TS Agent

UDP/8002, TCP/8002