FortiOS ports
There are 65,535 ports in TCP and UDP stacks that applications can use when they communicate with each other. Many of these ports are commonly known to be associated with specific applications or protocols. These ports can be useful when you troubleshoot your network.
Use the following ports when you troubleshoot your FortiGate:
Port |
Functionality |
---|---|
UDP 53 |
DNS lookup, RBL lookup |
UDP 53 or UDP 8888 |
FortiGuard Antispam or Web Filtering rating lookup |
UDP 53 (default) or UDP 8888 and UDP 1027 or UDP 1031 |
FDN server list - source and destination port numbers vary by originating or reply traffic |
UDP 123 |
NTP synchronization |
UDP 162 |
SNMP traps |
UDP 514 |
SYSLOG - All FortiOS versions can use syslog to send log messages to remote syslog servers |
TCP 22 |
Configuration backup to FortiManager unit or FortiGuard Analysis and Management Service |
TCP 25 |
SMTP alert email, encrypted virus sample auto-submit |
TCP 389 or TCP 636 |
LDAP or PKI authentication |
TCP 443 |
FortiGuard Antivirus or IPS update - When you request updates from a FortiManager, instead of directly from the FDN, you must reconfigure this port as TCP 8890 |
TCP 443 |
FortiGuard Analysis and Management Service |
TCP 514 |
FortiGuard Analysis and Management Service log transmission (OFTP) |
TCP 514 |
SSL Management Tunnel to FortiGuard Analysis and Management Service . |
TCP 514 |
Quarantine, remote access to logs and reports on a FortiAnalyzer unit, device registration with FortiAnalyzer units (OFTP) |
TCP 1812 |
RADIUS authentication |
TCP 8000 and TCP 8002 |
FSSO |
TCP 10151 |
FortiGuard Analysis and Management Service contract validation |