FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sbaikadi
Staff
Staff
Description
The port number information to connect to different Slots in FortiGate-6000 series is given below.
Using these numbers, SSH, HTTPS connections can be made to the required slot on the FortiGate6000 series.

These unique port numbers also helps in connecting to secondary firewall using the same management IP in case of HA.


Scope
For FortiGate-6000F series.

Solution
Case 1: When Firewalls are in HA cluster.

It is required to know the Chassis-ID of the firewall in the cluster. The chassis-ID can be seen from CLI:

Firewall 1.
Fortigate-6K1# config global
Fortigate-6k1(global) # show full system ha | grep chassis-id
    set chassis-id 1
Firewall 2.
Fortigate-6K2# config global
Fortigate-6k2(global) # show full system ha | grep chassis-id
    set chassis-id 2
Note.
1) Logging into the GUI or CLI using the MGMT interface IP address using default ports for SSH(22) or HTTPS(443) will always connect to the FortiGate-6000F management board (called slot 0 or MBD on the CLI) of the Master Firewall in HA cluster.
2) The management IP address to connect to the Master or Slave is always same since the MGMT interface IP address will be in sync.
3) These special port numbers always remains same even though the administrative port number to manage the firewall is changed.

Connecting to Chassis 1:

Connect to the GUI or CLI of individual FPCs using the MGMT interface IP address with a special port number.

For example, if the MGMT interface IP address is 10.1.1.1, connect to the GUI of the FPC in Slot-1 using the system management IP address followed by a special port number, for example: https://10.1.1.1:44301 or SSH to 10.1.1.1 on port 2201.

The FortiGate-6300F and 6301F have 7 slots (0 to 6) and the FortiGate-6500F and 6501F have 11 slots (0 to 10).
To connect to the management board and individual FPCs in Chassis 1 using below special port numbers:





Connecting to Chassis 2:

Connect to the GUI or CLI of individual FPCs using the MGMT interface IP address with a special port number.

For example, if the MGMT interface IP address is 10.1.1.1, connect to the GUI of the FPC in  Slot-1 using the system management IP address followed by a special port number, for example: https://10.1.1.1:44321 or SSH to 10.1.1.1 on port 2221.
To connect to the management board and individual FPCs in Chassis 2 using below special port numbers:




Case 2: When Firewall is NOT in HA.

Connect to the GUI or CLI of individual FPCs using the MGMT interface IP address with a special port number.

For example, if the MGMT interface IP address is 10.1.1.1, connect to the GUI of the FPC in  Slot-1 using the system management IP address followed by a special port number, for example: https://10.1.1.1:44301 or SSH to 10.1.1.1 on port 2201.
The FortiGate-6300F and 6301F have 7 slots (0 to 6) and the FortiGate-6500F and 6501F have 11 slots (0 to 10).

To connect to the management board and individual FPCs, use below special port numbers:



Contributors