Firewall configuration | Services

Table 38: FortiGate predefined services (Continued)

| Service name | Description | Protocol | Port |
|---|---|---|---|
| GRE | Generic Routing Encapsulation. A protocol that allows an arbitrary network protocol to be transmitted over any other arbitrary network protocol, by encapsulating the packets of the protocol within GRE packets. | 47 | |
| AH | Authentication Header. AH provides source host authentication and data integrity, but not secrecy. This protocol is used for authentication by IPSec remote gateways set to aggressive mode. | 51 | |
| ESP | Encapsulating Security Payload. This service is used by manual key and AutoIKE VPN tunnels for communicating encrypted data. AutoIKE key VPN tunnels use ESP after establishing the tunnel using IKE. | 50 | |
| AOL | AOL instant messenger protocol. | tcp | |
| BGP | Border Gateway Protocol routing protocol. BGP is an interior/exterior routing protocol. | tcp | 179 |
| | Dynamic Host Configuration Protocol (DHCP) allocates network addresses and delivers configuration parameters from DHCP servers to hosts. | udp | 67 |
| DNS | Domain name service for translating domain names into IP addresses. | tcp, udp | 53 |
| FINGER | A network service that provides information about users. | tcp | 79 |
| FTP | FTP service for transferring files. | tcp | 21 |
| GOPHER | Gopher communication service. Gopher organizes and displays Internet server contents as a hierarchically structured list of files. | tcp | 70 |
| H323 | H.323 multimedia protocol. H.323 is a standard approved by the International Telecommunication Union (ITU) that defines how audiovisual conferencing data is transmitted across networks. | tcp | 1720, 1503 |
| HTTP | HTTP is the protocol used by the world wide web for transferring data for web pages. | tcp | 80 |
| HTTPS | HTTP with secure socket layer (SSL) service for secure communication with web servers. | tcp | 443 |
| IKE | IKE is the protocol to obtain authenticated keying material for use with ISAKMP for IPSEC. | udp | 500 |
| IMAP | Internet Message Access Protocol is a protocol used for retrieving email messages. | tcp | 143 |
| Service | Internet Locator Service includes LDAP, User Locator Service, and LDAP over TLS/SSL. | tcp | 389 |
| IRC | Internet Relay Chat allows people connected to the Internet to join live discussions. | tcp | |
| L2TP | L2TP is a [...] remote access. | tcp | 1701 |