Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yeowkm99
Contributor

TCP port 514 in FortiAnalyzer

During a recent VAPT security scanning, TCP port 514 was flagged out to be have weak SSL cert.

The recommendation was to get a propert SSL certificate for the appliance.

Can we disable port 514 on the Analyzer ?

my firmware version is 6.4.10. will upgrade to version 7.2 soon.

 

Contact the Certificate Authority to have the certificate reissued.
Purchase or generate a proper certificate for this service.
1 Solution
Debbie_FTNT
Staff
Staff

You can generate a certificate via Let's Encrypt for example, and use that instead (replace the server certificate in FortiAnalyzer system settings):

https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/718606/provision-a-trusted-certificate-...

-> the guide is for FortiGate, but generating the certificate is very similar on FortiAnalyzer

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

View solution in original post

4 REPLIES 4
srajeswaran
Staff
Staff

TCP port 514 on Fortianalyzer is used by fortigates to connect and send logs, unfortunately we cannot disable that.

https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/766616/fortianalyzer-open-por...

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Debbie_FTNT
Staff
Staff

You can generate a certificate via Let's Encrypt for example, and use that instead (replace the server certificate in FortiAnalyzer system settings):

https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/718606/provision-a-trusted-certificate-...

-> the guide is for FortiGate, but generating the certificate is very similar on FortiAnalyzer

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Edu_Master
New Contributor

Hello guys!

 

I'm trying to understand why my hosts conected to fortiEMS keep sending this logs to Fortianalyzer.

Can someone help me understand that, please!?

 

Captura de ecrã 2024-03-19 084844.png

ozkanaltas

Hello @Edu_Master ,

 

If you configured "Upload Logs to FortiAnalyzer/FortiManager" in the endpoint profiles-> system settings. Your client wants to send their log to Fortianalyzer.

 

You can find more information about in this link.

 

https://docs.fortinet.com/document/forticlient/7.2.4/ems-administration-guide/107284/system-settings

 

 

image.png

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE4-5-6-7 OT Sec - ENT FW
Labels
Top Kudoed Authors