Outgoing ports
The following table identifies the outgoing ports for FortiManager and how the ports interact with other products:
Product |
Purpose |
Protocol and Port |
---|---|---|
FortiGate |
IPv4 FGFM management |
TCP/541 |
IPv6 FGFM management |
TCP/542 |
|
AV and IPS Push updates* |
UDP/9443 |
|
Non-Fortinet
|
SMTP email alerts |
TCP/25 |
TACACS+ Authentication |
TCP/49 |
|
LDAP queries |
TCP/389 or TCP/636 |
|
Log aggregation client |
TCP/3000 |
|
RADIUS Authentication |
TCP/1812 |
|
DNS lookup |
UDP/53 |
|
NTP synchronization |
UDP/123 |
|
SNMP traps |
UDP/162 |
|
Syslog, logforwarding |
UDP/514, TCP/514 |
|
Google Maps integration** |
https://maps.google.com https://maps.googleapis.com https://fonts.googleapis.com |
|
FortiManager
|
HA sync |
TCP/5199 |
FortiGuard and FortiClient Web Filter and Email Filter* |
TCP/8900 |
|
FortiGuard
|
Firmware images update |
TCP/443 |
Sprite Map and webGUI updates |
https://productapi.fortinet.com https://filestore.fortinet.com https://mapserver.fortinet.com |
|
AV & IPS updates |
https://fds1.fortinet.com |
|
Web Filtering and Anti-Spam updates |
https://guard.fortinet.net |
|
File query and GEOIP DB updates |
https://fqsvr.fortinet.com |
|
FortiClient signature updates |
https://forticlient.fortinet.net |
|
Google Maps license management |
https://mapserver.fortinet.com |
|
Fortinet Registry |
Management Extension Applications download (for example, FortiWLM MEA) |
TCP/443, TCP/4443 https://registry.fortinet.com |
* Applies only when FortiManager is acting as a local FortiGuard server.
** These URLs must be accessible by the admin user's PC for Google Maps integration. See Google Map integration.