There a multiple references to "FDNI" acronym (seemingly, referring to FortiGuard Distribution Network servers), but I cannot find exact expansion. Once and for all, what's "FDNI"?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 04-23-2024 07:32 AM Edited on 04-23-2024 07:53 AM
> When you configure Fortiguard servers, ...
Unless I configure FortiManager as local FDS, I never configure (Public) "Fortiguard servers" ... Fortigate just knows them based on my "update-server-location" preference.
> .. One of those services is a list of servers that will provide you some rating values for specific websites.
:
> FDNI is not some list that you specify somewhere, is a list of servers that FortiGuard will provide you ...
(Again) how does Fortigate obtain the list of (available Public FDN) servers? Perchance, retrieved from querying update.fortiguard.net?
Fortigate will retreive that list from FortiGuard services. No other way.
Created on 04-23-2024 07:56 AM Edited on 04-23-2024 07:58 AM
> Fortigate will retreive that list from FortiGuard services.
Of those specified in Anycast and unicast services, which?
We dont have visibility in backend servers so can not give an answer about that section. There are servers that respond in anycast and there are servers that respond in unicast traffic.
You can do some packet capture to find that out.
Created on 04-23-2024 08:13 AM Edited on 04-23-2024 08:16 AM
In Troubleshooting Tip: Unable to connect to FortiGuard servers can see "FortiGuard Server List requests to FortiGuard – 1027 UDP / 1031 UDP." but not associated destination FQDN - it would be great to know what it is.
Neither UDP/1027 nor UDP/1031 are mentioned Outgoing Ports - is that a mistake or an omission?
@xshkurti That's ancient - who can rely on that?
Created on 04-23-2024 08:34 AM Edited on 04-23-2024 08:38 AM
Port number list containing 65535 different ports is even older, but it hasn't changed for 50 years :)
BTW, that doc is updated in 2021.
@xshkurti(As Fortinet-er) can you confirm current utilisation of UDP/1027 and UDP/1031?
I can confirm that this port list is accurate:
Traffic Types and TCP/UDP Ports used by F... - Fortinet Community
And that different servers use different ports for different reasons. One of them might be as redundant if some ports are blocked by ISP.
In your Fortigate you can do some traffic capture to see which port is your device using.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1698 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.