Fortinet Document Library

Version:


Table of Contents

6.2.0
Download PDF
Copy Link

FortiAuthenticator open ports

Incoming ports

Purpose

Protocol/Port

FortiAuthenticator

Load-balancing HA slave

UDP/721, UDP/1194

Redundant HA cluster

UDP/720

FortiClient

SSO Mobility Agent, FSSO

TCP/8001 (by default; this port can be customized)

FortiGate

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

FSSO

TCP/8000

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

FortiToken Push

Apple Push Notification (APN) service

TCP/5223, TCP/2195, TCP/2196

Activation and fallback

TCP/443

Others

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389

LDAPS

TCP/636

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

3rd-Party Servers

FSSO & Tiers

TCP/8002, TCP/8003

Outgoing ports

Purpose

Protocol/Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB slave) LB slave sync

UDP/721, UDP/1194

FortiGate

Policy Authentication through Captive Portal

TCP/1000

FortiGuard

AV/IPS Updates

TCP/443

Virus Sample

TCP/25

SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates

TCP/443

Registration

TCP/80

3rd-Party Servers

SMTP, Alerts, Virus Sample

TCP/25

DNS

UDP/53

Windows AD

TCP/88

NTP

UDP/123

LDAP

TCP or UDP389

Domain Control

TCP/445

LDAPS

TCP/636

FSSO & Tiers

TCP/8002, TCP/8003

FortiAuthenticator open ports

Incoming ports

Purpose

Protocol/Port

FortiAuthenticator

Load-balancing HA slave

UDP/721, UDP/1194

Redundant HA cluster

UDP/720

FortiClient

SSO Mobility Agent, FSSO

TCP/8001 (by default; this port can be customized)

FortiGate

LDAP, PKI Authentication

TCP or UDP/389

RADIUS

UDP/1812

FSSO

TCP/8000

RADIUS Accounting

UDP/1813, UDP/1646

SCEP

TCP/80, TCP/443

FortiToken Push

Apple Push Notification (APN) service

TCP/5223, TCP/2195, TCP/2196

Activation and fallback

TCP/443

Others

SSH CLI

TCP/22

Telnet

TCP/23

HTTP & SCEP

TCP/80

SNMP Poll

UDP/161

Web Admin

TCP/80, TCP/443

LDAP

TCP/389

LDAPS

TCP/636

RADIUS

UDP/1812, UDP/1813

OCSP

TCP/2560

3rd-Party Servers

FSSO & Tiers

TCP/8002, TCP/8003

Outgoing ports

Purpose

Protocol/Port

FortiAuthenticator

(HA) HA heartbeat

UDP/720

(LB slave) LB slave sync

UDP/721, UDP/1194

FortiGate

Policy Authentication through Captive Portal

TCP/1000

FortiGuard

AV/IPS Updates

TCP/443

Virus Sample

TCP/25

SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates

TCP/443

Registration

TCP/80

3rd-Party Servers

SMTP, Alerts, Virus Sample

TCP/25

DNS

UDP/53

Windows AD

TCP/88

NTP

UDP/123

LDAP

TCP or UDP389

Domain Control

TCP/445

LDAPS

TCP/636

FSSO & Tiers

TCP/8002, TCP/8003