Technical Tip: Changing SSLVPN listening port

Description

This article describes how the SSL VPN listening port can be changed and necessary relevant changes need to be made.

Scope

FortiGate.

Solution

The following steps can be followed to change the SSLVPN listening port via GUI/CLI.

For changing via GUI navigate to VPN -> SSL-VPN Settings -> change the port to listen to:

The following commands can be used for changing it via CLI:

config vpn ssl settings

     set port <port-number>  <- Enter an integer value from <1> to <65535> (default = <10443>).

end

Relevant changes must be made on FortiClient. See Connecting from FortiClient VPN client, enable the 'customize port' in the VPN settings, and use the port that is configured on FortiGate. 

From v7.2, the default SSL VPN listening port is changed to 10443 

Note:

If the warning comes up stating it is conflicting with another port that is being used: Technical Tip: SSL VPN port conflict warning to fix it.