Description
FortiManager Open Ports
Solution
Incoming Ports Purpose Protocol/Port FortiGuard Queries UDP/53, UDP/8888 FortiClient Management TCP/541 FortiGate IPv6 TCP/542 FortiGate Log & Report TCP or UDP/514 FortiGate Secure SNMP UDP/161, UDP/162 FortiGate FortiGuard Queries TCP/8890, UDP/53 FortiGate AV/IPS UDP/9443 FortiGuard FortiClient Manager TCP/6028 FortiManager SSH CLI Management TCP/22 Others Telnet CLI Management TCP/23 Others SNMP Traps UDP/162 Others Web Admin TCP/80, TCP/443 Others
Outgoing Ports Purpose Protocol/Port Syslog & OFTP TCP/514, UDP/514 FortiAnalyzer Registration TCP/541 FortiAnalyzer AV/IPS Push UDP/9443 FortiGate SSH CLI Management TCP/22 FortiGate Management TCP/541 FortiGate SNMP Poll UDP/161, UDP/162 FortiGate FortiGuard Queries TCP/443 FortiGate AV/IPS Updates, URL/AS Update, Firmware, SMS, FTM, Licensing, Policy Override Authentication TCP/443 FortiGuard Registration TCP/80 FortiGuard FortiClient Manager TCP/6028 FortiManager DNS UDP/53 3rd-Party Servers NTP UDP/123 3rd-Party Servers SNMP Traps UDP/162 3rd-Party Servers Proxied HTTPS Traffic TCP/443 3rd-Party Servers RADIUS UDP/1812 3rd-Party Servers
Note that, while a proxy is configured, FortiManager uses the following URLs to access the FortiGuard Distribution Network (FDN) for the following updates:
fds1.fortinet.com - FortiGate AV/IPS package downloads
guard.fortinet.com - Webfilter/AntiSpam DB and AVfileQuery DB downloads
forticlient.fortinet.com - FortiClient signature package downloads
fgd1.fortigate.com:8888 - FortiClient Webfilter queries to FortiGuard
