FortiSandbox Open Ports
| Incoming Ports
Purpose |
Protocol/Port | |
| FortiGate | OFTP | TCP/514 |
| Others | SSH CLI Management | TCP/22 |
| Telnet CLI Management | TCP/23 | |
| Web Admin | TCP/80, TCP/443 | |
| OFTP Communication with FortiGate & FortiMail | TCP/514 | |
| Third-party proxy server for ICAP servers | ICAP: TCP/1344
ICAPS: TCP/11344 |
|
| Outgoing Ports
Purpose |
Protocol/Port | |
| FortiGuard
(FortiSandbox will use a random port picked by the kernel) |
FortiGuard Distribution Servers | TCP/8890 |
| FortiGuard Web Filtering Servers | UDP/53, UDP/8888 |
Services and port numbers required for FortiSandbox FortiSandbox
| Outgoing Ports
Purpose |
Protocol/Port | |
| FortiSandbox
Community Cloud (FortiSandbox will use a random port picked by the kernel) |
Upload detected malware information | TCP/443, UDP/53 |
Services and port numbers required for FortiSandbox
The tables above show all the services required for FortiSandbox to function correctly. You can use the diagnostic FortiSandbox command test-network to verify that all the services are allowed by the upstream. If the result is Passed, then there is no issue. If there is an issue with a specific service, it will be shown in the command output, and inform you which port needs to be opened.
This command checks:
- VM Internet access l Internet connection l System DNS resolve speed l VM DNS resolve speed l Ping speed l Wget speed
- Web Filtering service l FortiSandbox Community Cloud service