|
FortiGuard servers' location is based on the closest proximity to the FortiGate. However, it is possible to configure FortiGate to use public FortiGuard servers located only in the USA or European Union through the following commands:
config system fortiguard
set update-server-location [automatic | usa | eu]
end
Moreover, FortiGate uses different ports for rating services and update services:
Web filtering and antispam port when using public FortiGuard Servers:
UDP 8888
UDP 53
HTTPS 8888
HTTPS 53
HTTPS 443
Web filtering and antispam port when using FortiManager as a local FortiGuard server:
UDP 8888
UDP 53
HTTPS 53
HTTPS 8888
Antivirus and IPS updates:
HTTPS 443
FortiGuard Service:
service.fortiguard.net <----- UDP port 53, 8888; UDP and worldwide servers.
securewf.fortiguard.net <----- HTTPS over port 443, 53, 8888; HTTPS and worldwide servers.
update.fortiguard.net <----- TCP port 443.
usupdate.fortinet.net <----- TCP port 443.
usservice.fortiguard.net <----- UDP and USA-based-only servers.
ussecurewf.fortiguard.net <----- HTTPS and USA-based-only servers.
euservice.fortiguard.net <----- UDP and European-based-only servers.
eusecurewf.fortiguard.net <----- HTTPS and European-based-only servers.
Additional FortiGuard Subscription Services Domain and IP:
globalupdate.fortinet.net 173.243.140.6 <----- Object download server.
globalguardservice.fortinet.net 173.243.140.16 <----- Querying service server (webfiltering, antispam).
globallogctrl.fortinet.net 173.243.132.25 <----- FortiGate Cloud logging server.
globalmgrctrl.fortinet.net 173.243.132.26 <----- FortiGate Cloud management server.
globalmsgctrl.fortinet.net 173.243.132.27 <----- FortiGate Cloud messaging server.
globalaptctrl.fortinet.net 184.94.112.22 <----- FortiGate Cloud sandbox server.
globalproductapi.fortinet.net 66.35.17.252 <----- Product API server used by OCVPN registration and GUI icon download.
|
