
Predefined services | Firewall configuration

Table 5: FortiGate predefined services

| Service name | Description | Protocol | Port |
|---|---|---|---|
| ANY | Match connections on any port. A connection that uses any of the predefined services is allowed through the firewall. | all | all |
| GRE | Generic Routing Encapsulation. A protocol that allows an arbitrary network protocol to be transmitted over any other arbitrary network protocol, by encapsulating the packets of the protocol within GRE packets. | | 47 |
| AH | Authentication Header. AH provides source host authentication and data integrity, but not secrecy. This protocol is used for authentication by IPSec remote gateways set to aggressive mode. | | 51 |
| ESP | Encapsulating Security Payload. This service is used by manual key and AutoIKE VPN tunnels for communicating encrypted data. AutoIKE key VPN tunnels use ESP after establishing the tunnel using IKE. | | 50 |
| AOL | AOL instant messenger protocol. | tcp | |
| BGP | Border Gateway Protocol routing protocol. BGP is an interior/exterior routing protocol. | tcp | 179 |
| | Dynamic Host Configuration Protocol (DHCP) allocates network addresses and delivers configuration parameters from DHCP servers to hosts. | udp | 67 |
| DNS | Domain name service for translating domain names into IP addresses. | tcp | 53 |
| | | udp | 53 |
| FINGER | A network service that provides information about users. | tcp | 79 |
| FTP | FTP service for transferring files. | tcp | 21 |
| GOPHER | Gopher communication service. Gopher organizes and displays Internet server contents as a hierarchically structured list of files. | tcp | 70 |
| H323 | H.323 multimedia protocol. H.323 is a standard approved by the International Telecommunication Union (ITU) that defines how audiovisual conferencing data is transmitted across networks. | tcp | 1720, 1503 |
| HTTP | HTTP is the protocol used by the world wide web for transferring data for web pages. | tcp | 80 |
| HTTPS | HTTP with secure socket layer (SSL) service for secure communication with web servers. | tcp | 443 |
| IKE | IKE is the protocol to obtain authenticated keying material for use with ISAKMP for IPSEC. | udp | 500 |
| IMAP | Internet Message Access Protocol is a protocol used for retrieving email messages. | tcp | 143 |
| Service | Internet Locator Service includes LDAP, User Locator Service, and LDAP over TLS/SSL. | tcp | 389 |
|
Fortinet Inc.