Fortinet black logo

Handbook

FortiOS ports

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:751061
Download PDF

FortiOS ports

There are 65,535 ports in TCP and UDP stacks that applications can use when they communicate with each other. Many of these ports are commonly known to be associated with specific applications or protocols. These ports can be useful when you troubleshoot your network.

Use the following ports when you troubleshoot your FortiGate:

Port

Functionality

UDP 53

DNS lookup, RBL lookup

UDP 53 or UDP 8888

FortiGuard Antispam or Web Filtering rating lookup

UDP 53 (default) or UDP 8888 and UDP 1027 or UDP 1031

FDN server list - source and destination port numbers vary by originating or reply traffic

UDP 123

NTP synchronization

UDP 162

SNMP traps

UDP 514

SYSLOG - All FortiOS versions can use syslog to send log messages to remote syslog servers

TCP 22

Configuration backup to FortiManager unit or FortiGuard Analysis and Management Service

TCP 25

SMTP alert email, encrypted virus sample auto-submit

TCP 389 or TCP 636

LDAP or PKI authentication

TCP 443

FortiGuard Antivirus or IPS update - When you request updates from a FortiManager, instead of directly from the FDN, you must reconfigure this port as TCP 8890

TCP 443

FortiGuard Analysis and Management Service

TCP 514

FortiGuard Analysis and Management Service log transmission (OFTP)

TCP 514

SSL Management Tunnel to FortiGuard Analysis and Management Service .

TCP 514

Quarantine, remote access to logs and reports on a FortiAnalyzer unit, device registration with FortiAnalyzer units (OFTP)

TCP 1812

RADIUS authentication

TCP 8000 and TCP 8002

FSSO

TCP 10151

FortiGuard Analysis and Management Service contract validation

FortiOS ports

There are 65,535 ports in TCP and UDP stacks that applications can use when they communicate with each other. Many of these ports are commonly known to be associated with specific applications or protocols. These ports can be useful when you troubleshoot your network.

Use the following ports when you troubleshoot your FortiGate:

Port

Functionality

UDP 53

DNS lookup, RBL lookup

UDP 53 or UDP 8888

FortiGuard Antispam or Web Filtering rating lookup

UDP 53 (default) or UDP 8888 and UDP 1027 or UDP 1031

FDN server list - source and destination port numbers vary by originating or reply traffic

UDP 123

NTP synchronization

UDP 162

SNMP traps

UDP 514

SYSLOG - All FortiOS versions can use syslog to send log messages to remote syslog servers

TCP 22

Configuration backup to FortiManager unit or FortiGuard Analysis and Management Service

TCP 25

SMTP alert email, encrypted virus sample auto-submit

TCP 389 or TCP 636

LDAP or PKI authentication

TCP 443

FortiGuard Antivirus or IPS update - When you request updates from a FortiManager, instead of directly from the FDN, you must reconfigure this port as TCP 8890

TCP 443

FortiGuard Analysis and Management Service

TCP 514

FortiGuard Analysis and Management Service log transmission (OFTP)

TCP 514

SSL Management Tunnel to FortiGuard Analysis and Management Service .

TCP 514

Quarantine, remote access to logs and reports on a FortiAnalyzer unit, device registration with FortiAnalyzer units (OFTP)

TCP 1812

RADIUS authentication

TCP 8000 and TCP 8002

FSSO

TCP 10151

FortiGuard Analysis and Management Service contract validation