FortiOS ports and protocols
Communication to and from FortiOS is strictly controlled and only selected ports are opened for supported functionality such as administrator logins and communication with other Fortinet products or services.
Accessing FortiOS using an open port is protected by authentication, identification, and encryption requirements. As well, ports are only open if the feature using them is enabled.
FortiOS open ports
The following diagram and tables shows the incoming and outgoing ports that are potentially opened by FortiOS. For more details about open ports and the communication protocols that FortiOS uses, see the document Fortinet Communication Ports and Protocols.
Closing open ports
You can close open ports by disabling the feature that opens them. For example, if FortiOS is not managing a FortiAP then the CAPWAP feature for managing FortiAPs can be disabled, closing the CAPWAP port.
The following sections of this document described a number of options for closing open ports: