Firewall configuration

 

 

Services

 

 

 

 

 

 

 

Table 38: FortiGate predefined services (Continued)

 

 

 

 

 

 

 

 

 

 

Service name

Description

Protocol

Port

 

 

 

 

 

 

 

 

GRE

Generic Routing Encapsulation. A protocol

 

47

 

 

 

that allows an arbitrary network protocol to be

 

 

 

 

 

transmitted over any other arbitrary network

 

 

 

 

 

protocol, by encapsulating the packets of the

 

 

 

 

 

protocol within GRE packets.

 

 

 

 

 

 

 

 

 

 

AH

Authentication Header. AH provides source

 

51

 

 

 

host authentication and data integrity, but not

 

 

 

 

 

secrecy. This protocol is used for

 

 

 

 

 

authentication by IPSec remote gateways set

 

 

 

 

 

to aggressive mode.

 

 

 

 

 

 

 

 

 

 

ESP

Encapsulating Security Payload. This service

 

50

 

 

 

is used by manual key and AutoIKE VPN

 

 

 

 

 

tunnels for communicating encrypted data.

 

 

 

 

 

AutoIKE key VPN tunnels use ESP after

 

 

 

 

 

establishing the tunnel using IKE.

 

 

 

 

 

 

 

 

 

 

AOL

AOL instant messenger protocol.

tcp

5190-5194

 

 

 

 

 

 

 

 

BGP

Border Gateway Protocol routing protocol.

tcp

179

 

 

 

BGP is an interior/exterior routing protocol.

 

 

 

 

 

 

 

 

 

 

DHCP-Relay

Dynamic Host Configuration Protocol (DHCP)

udp

67

 

 

 

allocates network addresses and delivers

 

 

 

 

 

configuration parameters from DHCP servers

 

 

 

 

 

to hosts.

 

 

 

 

 

 

 

 

 

 

DNS

Domain name service for translating domain

tcp

53

 

 

 

names into IP addresses.

 

 

 

 

 

udp

53

 

 

 

 

 

 

 

 

 

 

 

 

FINGER

A network service that provides information

tcp

79

 

 

 

about users.

 

 

 

 

 

 

 

 

 

 

FTP

FTP service for transferring files.

tcp

21

 

 

 

 

 

 

 

 

GOPHER

Gopher communication service. Gopher

tcp

70

 

 

 

organizes and displays Internet server

 

 

 

 

 

contents as a hierarchically structured list of

 

 

 

 

 

files.

 

 

 

 

 

 

 

 

 

 

H323

H.323 multimedia protocol. H.323 is a

tcp

1720, 1503

 

 

 

standard approved by the International

 

 

 

 

 

Telecommunication Union (ITU) that defines

 

 

 

 

 

how audiovisual conferencing data is

 

 

 

 

 

transmitted across networks.

 

 

 

 

 

 

 

 

 

 

HTTP

HTTP is the protocol used by the word wide

tcp

80

 

 

 

web for transferring data for web pages.

 

 

 

 

 

 

 

 

 

 

HTTPS

HTTP with secure socket layer (SSL) service

tcp

443

 

 

 

for secure communication with web servers.

 

 

 

 

 

 

 

 

 

 

IKE

IKE is the protocol to obtain authenticated

udp

500

 

 

 

keying material for use with ISAKMP for

 

 

 

 

 

IPSEC.

 

 

 

 

 

 

 

 

 

 

IMAP

Internet Message Access Protocol is a

tcp

143

 

 

 

protocol used for retrieving email messages.

 

 

 

 

 

 

 

 

 

 

Internet-Locator-

Internet Locator Service includes LDAP, User

tcp

389

 

 

Service

Locator Service, and LDAP over TLS/SSL.

 

 

 

 

 

 

 

 

 

 

IRC

Internet Relay Chat allows people connected

tcp

6660-6669

 

 

 

to the Internet to join live discussions.

 

 

 

 

 

 

 

 

 

 

L2TP

L2TP is a PPP-based tunnel protocol for

tcp

1701

 

 

 

remote access.

 

 

 

 

 

 

 

 

 

FortiGate-800 Installation and Configuration Guide

201

Page 201
Image 201
Fortinet FortiGate-800 manual 201, Gre