Technical Tip: Which IPs and Port to allow on the ...

FortiWeb

A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.

Article Id 338900

Description

This Article describes which IPs and ports to allow on the Upstream Firewall for connectivity of FortiWeb to Threat Analytics Cloud.

Scope

FortiGate ( Any other Firewall on upstream), FortiWeb.

Solution

To connect Fortiweb to the Threat Analytics cloud, there are some requirements if there is a Firewall upstream of Fortiweb and some strict policy rules.

FortiWeb connects to Threat Analytics cloud on TCP port 9194 and 443. So these Ports have to be allowed on the upstream Firewall.

Along with this, 3 IPs can be included to allow a list on the upstream firewall. These IPs are fixed for the 3 servers of the Threat Analytics cloud.

b-1-public: 44.208.195.220
b-2-public: 44.207.169.173
b-3-public: 54.224.23.52

If ports and IP addresses are allowed on the firewall and still not working as expected, contact Fortinet TAC support.

103

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: Which IPs and Port to allow on the Upstream Firewall for connectivity to Threat Analytics Cloud