FortiSandbox Open Ports
| Incoming Ports
Purpose |
Protocol/Port | |
| FortiGate | OFTP | TCP/514 |
| Others | SSH CLI Management | TCP/22 |
| Telnet CLI Management | TCP/23 | |
| Web Admin | TCP/80, TCP/443 | |
| OFTP Communication with FortiGate & FortiMail | TCP/514 | |
| Third-party proxy server for ICAP servers | ICAP: TCP/1344
ICAPS: TCP/11344 |
|
| Outgoing Ports
Purpose |
Protocol/Port | |
| FortiGuard
(FortiSandbox will use a random port picked by the kernel) |
FortiGuard Distribution Servers | TCP/8890 |
| FortiGuard Web Filtering Servers | UDP/53, UDP/8888 |
Services and port numbers required for FortiSandbox FortiSandbox
| Outgoing Ports
Purpose |
Protocol/Port | |
| FortiSandbox
Community Cloud (FortiSandbox will use a random port picked by the kernel) |
Upload detected malware information | TCP/443, UDP/53 |
Services and port numbers required for FortiSandbox
The tables above show all the services required for FortiSandbox to function correctly. You can use the diagnostic FortiSandbox command test-network to verify that all the services are allowed by the upstream. If the result is Passed, then there is no issue. If there is an issue with a specific service, it will be shown in the command output, and inform you which port needs to be opened.
This command checks:
- VM Internet access l Internet connection l System DNS resolve speed l VM DNS resolve speed l Ping speed l Wget speed
- Web Filtering service l FortiSandbox Community Cloud service
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!