Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cam5720
New Contributor

Created on ‎06-13-2023 08:01 AM Edited on ‎06-13-2023 08:05 AM

Fortinet Interface

FortiClient login interface is running on 11443/TCP, as expected. A scan also identified 80/TCP open and forwarding to 11443/TCP. Is it necessary for port 80 to be open for VPN functionality?  And if not, can port 80 be turned off and still have VPN functionality on 11443/TCP?

Labels:
216
0 Kudos
1 REPLY 1
msmrox
New Contributor

Created on ‎06-13-2023 02:13 PM

Have you disabled the http allowance in the WAN interface?

Do you use Let's encrypt certs for VPN? If yes then this is expected as ACME service uses port 80 on the WAN interface.

https://docs.fortinet.com/document/fortigate/7.0.0/new-features/822087/acme-certificate-support

 

189
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.