Predefined services

 

Firewall configuration

 

 

 

 

 

 

Table 5: FortiGate predefined services

 

 

 

 

 

 

 

 

Service name

Description

Protocol

Port

 

 

 

 

 

 

ANY

Match connections on any port. A connection

all

all

 

 

that uses any of the predefined services is

 

 

 

 

allowed through the firewall.

 

 

 

 

 

 

 

 

GRE

Generic Routing Encapsulation. A protocol that

 

47

 

 

allows an arbitrary network protocol to be

 

 

 

 

transmitted over any other arbitrary network

 

 

 

 

protocol, by encapsulating the packets of the

 

 

 

 

protocol within GRE packets.

 

 

 

 

 

 

 

 

AH

Authentication Header. AH provides source

 

51

 

 

host authentication and data integrity, but not

 

 

 

 

secrecy. This protocol is used for

 

 

 

 

authentication by IPSec remote gateways set

 

 

 

 

to aggressive mode.

 

 

 

 

 

 

 

 

ESP

Encapsulating Security Payload. This service is

 

50

 

 

used by manual key and AutoIKE VPN tunnels

 

 

 

 

for communicating encrypted data. AutoIKE

 

 

 

 

key VPN tunnels use ESP after establishing the

 

 

 

 

tunnel using IKE.

 

 

 

 

 

 

 

 

AOL

AOL instant messenger protocol.

tcp

5190-5194

 

 

 

 

 

 

BGP

Border Gateway Protocol routing protocol.

tcp

179

 

 

BGP is an interior/exterior routing protocol.

 

 

 

 

 

 

 

 

DHCP-Relay

Dynamic Host Configuration Protocol (DHCP)

udp

67

 

 

allocates network addresses and delivers

 

 

 

 

configuration parameters from DHCP servers

 

 

 

 

to hosts.

 

 

 

 

 

 

 

 

DNS

Domain name service for translating domain

tcp

53

 

 

names into IP addresses.

 

 

 

 

udp

53

 

 

 

 

 

 

 

 

 

FINGER

A network service that provides information

tcp

79

 

 

about users.

 

 

 

 

 

 

 

 

FTP

FTP service for transferring files.

tcp

21

 

 

 

 

 

 

GOPHER

Gopher communication service. Gopher

tcp

70

 

 

organizes and displays Internet server contents

 

 

 

 

as a hierarchically structured list of files.

 

 

 

 

 

 

 

 

H323

H.323 multimedia protocol. H.323 is a standard

tcp

1720, 1503

 

 

approved by the International

 

 

 

 

Telecommunication Union (ITU) that defines

 

 

 

 

how audiovisual conferencing data is

 

 

 

 

transmitted across networks.

 

 

 

 

 

 

 

 

HTTP

HTTP is the protocol used by the word wide

tcp

80

 

 

web for transferring data for web pages.

 

 

 

 

 

 

 

 

HTTPS

HTTP with secure socket layer (SSL) service

tcp

443

 

 

for secure communication with web servers.

 

 

 

 

 

 

 

 

IKE

IKE is the protocol to obtain authenticated

udp

500

 

 

keying material for use with ISAKMP for

 

 

 

 

IPSEC.

 

 

 

 

 

 

 

 

IMAP

Internet Message Access Protocol is a protocol

tcp

143

 

 

used for retrieving email messages.

 

 

 

Internet-Locator-

Internet Locator Service includes LDAP, User

tcp

389

 

Service

Locator Service, and LDAP over TLS/SSL.

 

 

154

Fortinet Inc.

Page 154
Image 154
Fortinet 100 user manual 154, Any