Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
knowles13088
New Contributor

Created on ‎07-12-2019 06:48 AM

VPN port

Just looking for ideas on other's approaches:

Our VPN SSL portal is functioning well.

 

We encountered an issue the other day when one of our users was apparently trying to connect at one of their client's sites. We're using 10443, which we feel flies well under the radar of most port scanners.

 

To accommodate this situation, we are considering changing the port. We don't have an additional public IP available for using 443, which is being used for webmail interface.

 

So, what are y'all using? 

 

Thanks

2708
0 Kudos
4 REPLIES 4
hubertzw
Contributor III

Created on ‎07-12-2019 09:16 AM

It doesn't matter what you set. Tools like nmap scans all ports. You can improve a security a bit by using geography objects (with IP) to limit who is allowed to initiate the VPN connection.

1796
0 Kudos
knowles13088
New Contributor
In response to hubertzw

Created on ‎07-12-2019 02:57 PM

Thanks. I understand what you are saying, but that was not my question. I don't really care what port I use. 

 

I just happened to choose 10443. On one of his client visits, the LAN admin was apparently blocking that port even on their guest network.

 

So, all I'm asking what port others may be using....

1798
0 Kudos
hubertzw
Contributor III
In response to hubertzw

Created on ‎07-12-2019 03:05 PM

I'd change management port for non-default and leave tcp/443 for sslvpn

1798
0 Kudos
knowles13088
New Contributor
In response to hubertzw

Created on ‎07-12-2019 06:04 PM

Thanks again. Per original post: 443 used for Outlook web access. Not looking for technical answer,  just opinion 

1799
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.