154 Fortinet Inc.
Predefined services Firewall configuration
Table 5: FortiGate predefined services
Service name Description Protocol Port
ANY Match connections on any port. A connection
that uses any of the predefined services is
allowed through the firewall.
all all
GRE Generic Routing Encapsulation. A protocol that
allows an arbitrary network protocol to be
transmitted over any other arbitrary network
protocol, by encapsulating the packets of the
protocol within GRE packets.
47
AH Authentication Header. AH provides source
host authentication and data integrity, but not
secrecy. This protocol is used for
authentication by IPSec remote gateways set
to aggressive mode.
51
ESP Encapsulating Security Payload. This service is
used by manual key and AutoIKE VPN tunnels
for communicating encrypted data. AutoIKE
key VPN tunnels use ESP after establishing the
tunnel using IKE.
50
AOL AOL instant messenger protocol. tcp 5190-5194
BGP Border Gateway Protocol routing protocol.
BGP is an interior/exterior routing protocol.
tcp 179
DHCP-Relay Dynamic Host Configuration Protocol (DHCP)
allocates network addresses and delivers
configuration parameters from DHCP servers
to hosts.
udp 67
DNS Domain name service for translating domain
names into IP addresses.
tcp 53
udp 53
FINGER A network service that provides information
about users.
tcp 79
FTP FTP service for transferring files. tcp 21
GOPHER Gopher communication service. Gopher
organizes and displays Internet server contents
as a hierarchically structured list of files.
tcp 70
H323 H.323 multimedia protocol. H.323 is a standard
approved by the International
Telecommunication Union (ITU) that defines
how audiovisual conferencing data is
transmitted across networks.
tcp 1720, 1503
HTTP HTTP is the protocol used by the word wide
web for transferring data for web pages.
tcp 80
HTTPS HTTP with secure socket layer (SSL) service
for secure communication with web servers.
tcp 443
IKE IKE is the protocol to obtain authenticated
keying material for use with ISAKMP for
IPSEC.
udp 500
IMAP Internet Message Access Protocol is a protocol
used for retrieving email messages.
tcp 143
Internet-Locator-
Service
Internet Locator Service includes LDAP, User
Locator Service, and LDAP over TLS/SSL.
tcp 389