Providing access to custom services

 

Firewall configuration

 

 

 

 

 

 

Table 5: FortiGate predefined services (Continued)

 

 

 

 

 

 

 

 

Service name

Description

Protocol

Port

 

 

 

 

 

 

TCP

All TCP ports.

tcp

0-65535

 

 

 

 

 

 

TELNET

Telnet service for connecting to a remote

tcp

23

 

 

computer to run commands.

 

 

 

 

 

 

 

 

TFTP

Trivial file transfer protocol, a simple file

udp

69

 

 

transfer protocol similar to FTP but with no

 

 

 

 

security features.

 

 

 

 

 

 

 

 

UDP

All UDP ports.

udp

0-65535

 

 

 

 

 

 

UUCP

Unix to Unix copy utility, a simple file copying

udp

540

 

 

protocol.

 

 

 

 

 

 

 

 

VDOLIVE

For VDO Live streaming multimedia traffic.

tcp

7000-7010

 

 

 

 

 

 

WAIS

Wide Area Information Server. An Internet

tcp

210

 

 

search protocol.

 

 

 

 

 

 

 

 

WINFRAME

For WinFrame communications between

tcp

1494

 

 

computers running Windows NT.

 

 

 

 

 

 

 

 

X-WINDOWS

For remote communications between an

tcp

6000-6063

 

 

X-Window server and X-Window clients.

 

 

 

 

 

 

 

Providing access to custom services

Add a custom service if you need to create a policy for a service that is not in the predefined service list.

1Go to Firewall > Service > Custom.

2Select New.

3Enter a Name for the service. This name appears in the service list used when you add a policy.

The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and the special characters - and _. Other special characters and spaces are not allowed.

4Select the Protocol (either TCP or UDP) used by the service.

5Specify a Source and Destination Port number range for the service by entering the low and high port numbers. If the service uses one port number, enter this number in both the low and high fields.

6If the service has more than one port range, select Add to specify additional protocols and port ranges.

If you mistakenly add too many port range rows, select Delete

to remove each

extra row.

 

7Select OK to add the custom service.

You can now add this custom service to a policy.

Grouping services

To make it easier to add policies, you can create groups of services and then add one policy to provide or block access for all the services in the group. A service group can contain predefined services and custom services in any combination. You cannot add service groups to another service group.

1 Go to Firewall > Service > Group.

156

Fortinet Inc.

Page 155 Page 157
Page 156
Image 156
Fortinet 100 user manual Providing access to custom services, Grouping services, 156, Go to Firewall Service Custom
Page 155 Page 157
Top Page Image Contents