FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F.
FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Article Id 198005

Description


This article describes which ports are used for communication between NAC and the Persistent Agent.

 

Scope

 

FortiNAC.


Solution

 

Versions and port usage:
 
Agent 3.x and 4.x: TCP 4568 and UDP 4567.
Agent 5.x and later with NAC 8.1 and lower: TCP 4568 and UDP 4567.
Agent 5.0 to 5.2.6.69: TCP 4568 and UDP 4567.
Agent 5.3.x and up: TCP 4568 only.
 

Port: UDP 4567.
Description: Persistent Agent Communication.

Direction: Application Server eth0 & eth1: Bi-directional.

 

Port: TCP 4568.
Description: Persistent Agent Communication (SSL), used to establish the connection. With Agent 5.x and later and NAC 8.2 and later, it is used both to establish the connection and for Persistent Agent communication.
Direction: Application Server eth0 & eth1: Bi-directional.
 

Note: For L3 Network Type configurations, when communicating via eth1 the UDP traffic may be sent out to the main eth1 IP address rather than to the sub-interface (eth1:1, eth1:2, etc.).

Port: TCP 80.
Description: Required when NAC is configured to upgrade the Persistent Agent.
Direction: Application Server eth0 & eth1: Bi-directional.

For a complete list of ports used by the appliance, refer to the related documents below.

 

FortiNAC 9.4.X.

 

FortiNAC-F 7.X.

 

Related articles:

Technical Tip: Manually install and configure 'Persistent Agent' on Windows OS 

Troubleshooting Tip: Windows Persistent Agent logs