Fortinet black logo

Outgoing ports

6.2.0
Copy Link
Copy Doc ID c8afa3de-5b0c-11e9-81a4-00505692583a:219001
Download PDF

Outgoing ports

The following table identifies the ports for traffic originating from FortiManager and FortiAnalyzer units.

Outgoing Port Purpose Port(s)

SMTP alert email

TCP/25

TACACS+ authentication

TCP/49

User name LDAP queries for reports

TCP/389 or TCP/636

Register FortiGate devices to FortiManager or FortiAnalyzer for configuration management

TCP/541 (IPv4)

TCP/542 (IPv6)

RADIUS authentication

TCP/1812

Log aggregation client

TCP/3000

FortiManager high-availability (HA) and configuration synchronization

TCP/5199

Turn closed network mode logic on/off

TCP/8880

When applied, FortiManager cannot fetch FortiGuard content from the public FortiGuard cloud.

If your are using FortiManager as a FortiGuard server for your managed devices, you will need to manually upload FortiGuard content in FortiManager.

DNS lookup

UDP/53

NTP synchronization

UDP/123

SNMP traps

UDP/162

Syslog, log forwarding

UDP/514

If reliable logging is enabled, syslog traffic can use TCP/514.

Outgoing ports

The following table identifies the ports for traffic originating from FortiManager and FortiAnalyzer units.

Outgoing Port Purpose Port(s)

SMTP alert email

TCP/25

TACACS+ authentication

TCP/49

User name LDAP queries for reports

TCP/389 or TCP/636

Register FortiGate devices to FortiManager or FortiAnalyzer for configuration management

TCP/541 (IPv4)

TCP/542 (IPv6)

RADIUS authentication

TCP/1812

Log aggregation client

TCP/3000

FortiManager high-availability (HA) and configuration synchronization

TCP/5199

Turn closed network mode logic on/off

TCP/8880

When applied, FortiManager cannot fetch FortiGuard content from the public FortiGuard cloud.

If your are using FortiManager as a FortiGuard server for your managed devices, you will need to manually upload FortiGuard content in FortiManager.

DNS lookup

UDP/53

NTP synchronization

UDP/123

SNMP traps

UDP/162

Syslog, log forwarding

UDP/514

If reliable logging is enabled, syslog traffic can use TCP/514.