Incoming ports
The following table identifies ports for traffic that can be received by FortiManager and FortiAnalyzer units. The table excludes the incoming ports used between FortiManager and FortiGuard. For information about incoming ports used between FortiManager and FortiGuard, see FortiManager and FortiGuard.
| Incoming Port Purpose | Port(s) |
|---|---|
|
Ping |
ICMP protocol |
|
SSH administrative access to the CLI |
TCP 22 |
|
Telnet administrative access to the CLI |
TCP 23 |
|
HTTP administrative access to the GUI |
TCP 80 |
|
HTTPS administrative access to the GUI |
TCP 443 |
|
Receive logs from FortiGate and FortiClient Synchronize log database between FortiAnalyzer HA units |
TCP 514 |
|
FortiManager listens for requests from FortiGate to set up central management (FGFM tunnel requests for IPv4) |
TCP 541 (IPv4) TCP 542 (IPv6) |
|
Log aggregation server (requires FortiManager 800 series or higher models). |
TCP 3000 |
|
FortiManager high-availability (HA) and configuration synchronization |
TCP 5199 |
|
Web Service |
TCP 8080 |
|
SNMP query |
UDP 161 |
|
Syslog, log forwarding Log forwarding uses the OFTPD protocol. |
UDP 514 If reliable logging is enabled, TCP 514 is used. |
|
EMS for Chromebooks logging |
TCP 8443 |