Description |
This article describes that after enabling the FortiManager Cloud connector from the FortiGate, if a port scan is performed against the external interface (WAN) of the FortiGate, then the ports 541, 53, 80, and 443 show us as 'open' even though they are disabled at the interface level. |
Scope | FortiGate. |
Solution |
For a port scan that reveals ports 541, 53, 80, and 443 are open with respect to an external interface that has 'FMG-Access' enabled in the interface, but other administrative access disabled, the reasons why the said ports show open are as below:
FOR PORT 541:
Related document: FGFM - FortiGate to FortiManager Protocol
Note: Port 542 is utilized for IPv6 connection.
FOR PORT 53 (DNS):
Related document:
FOR PORT 80 and 443:
Related article: Troubleshooting Tip: How to troubleshoot connectivity issues between FortiGate and FortiManager
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.