Fortinet Document Library

Version:


Table of Contents

6.2.0
Download PDF
Copy Link

Outgoing ports

The following table identifies the ports for traffic originating from FortiManager and FortiAnalyzer units.

Outgoing Port Purpose Port(s)

SMTP alert email

TCP 25

TACACS+ authentication

TCP 49

User name LDAP queries for reports

TCP 389 or TCP 636

Register FortiGate devices to FortiManager or FortiAnalyzer for configuration management

TCP 541 (IPv4)

TCP 542 (IPv6)

RADIUS authentication

TCP 1812

Log aggregation client

TCP 3000

FortiManager high-availability (HA) and configuration synchronization

TCP 5199

Turn closed network mode logic on/off

TCP 8880

When applied, FortiManager cannot fetch FortiGuard content from the public FortiGuard cloud.

If your are using FortiManager as a FortiGuard server for your managed devices, you will need to manually upload FortiGuard content in FortiManager.

DNS lookup

UDP 53

NTP synchronization

UDP 123

SNMP traps

UDP 162

Syslog, log forwarding

UDP 514

If reliable logging is enabled, syslog traffic can use TCP 514.

Outgoing ports

The following table identifies the ports for traffic originating from FortiManager and FortiAnalyzer units.

Outgoing Port Purpose Port(s)

SMTP alert email

TCP 25

TACACS+ authentication

TCP 49

User name LDAP queries for reports

TCP 389 or TCP 636

Register FortiGate devices to FortiManager or FortiAnalyzer for configuration management

TCP 541 (IPv4)

TCP 542 (IPv6)

RADIUS authentication

TCP 1812

Log aggregation client

TCP 3000

FortiManager high-availability (HA) and configuration synchronization

TCP 5199

Turn closed network mode logic on/off

TCP 8880

When applied, FortiManager cannot fetch FortiGuard content from the public FortiGuard cloud.

If your are using FortiManager as a FortiGuard server for your managed devices, you will need to manually upload FortiGuard content in FortiManager.

DNS lookup

UDP 53

NTP synchronization

UDP 123

SNMP traps

UDP 162

Syslog, log forwarding

UDP 514

If reliable logging is enabled, syslog traffic can use TCP 514.