eager2learn
New Member
March 28, 2018
Question

For a VIP is port 8008 internal closed and external opened

On a Fortigate 200D a VIP (Virtual IP) is created.

  Type: NAT
  Source Address Filter: off
  Port Forwarding: off
  One external IP-address
  One Mapped IP-address

The Mapped (internal) IP-address is used by a Linux system with only port 22 (SSH) open. So port 8008 is closed.

From external (on the external IP-address) it is possible to login, with SSH, on the internal Linux system. From external (on the external IP-address) port 8008 is open. From external (on the external IP-address) it is possible to connect to port 8008.

But the end-point of the connection to port 8008 is not the internal Linux system. The program "nmap" shows (from outside to the external IP-address) the lines below:

    Port     Protocol  State  Service  Version
    22       tcp       open   ssh      OpenSSH 7.2p2 Ubuntu 4ubuntu
    8008     tcp       open   http     Fortinet FortiGuard block page

So it seems that the end-point of a connection from external to port 8008 is the FortiGate and not the internal Linux system.

How is that possible?

How can port 8008 be closed from the external internet?
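Added example, not part of the original post or of any Fortinet tooling: a small audit script that parses nmap service-scan tables (both the column layout shown above and nmap's own `22/tcp` layout) and, for each VIP, reports open ports that were not expected and open ports whose service banner shows the firewall itself answered rather than the mapped host. The sample scan text, the VIP names and the marker strings in `FIREWALL_MARKERS` are constructed assumptions for this example; nothing here talks to a network, it only reads scan output you already have.

```python
"""Audit nmap service-scan output for VIP ports answered by the firewall itself.

Constructed example for the thread above. A port on a NAT VIP whose version
column names the firewall (e.g. "Fortinet FortiGuard block page" on 8008) is
terminated on the FortiGate, not forwarded to the mapped internal host.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Version/service substrings that indicate the firewall replied, not the backend.
# Assumption for this example; extend for the devices in your own estate.
FIREWALL_MARKERS = ("fortinet", "fortiguard", "fortigate")

# Accepts "22   tcp   open ssh ..." (layout in the post) and "22/tcp open ssh ..."
# (nmap normal output).  Header lines do not start with a digit and are skipped.
PORT_LINE = re.compile(
    r"^\s*(?P<port>\d+)[/\s]+(?P<proto>tcp|udp)\s+(?P<state>open|closed|filtered)"
    r"\s+(?P<service>\S+)(?:\s+(?P<version>.*\S))?\s*$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class PortEntry:
    port: int
    proto: str
    state: str
    service: str
    version: str

    def answered_by_firewall(self) -> bool:
        """True when the banner suggests the firewall, not the mapped host, replied."""
        text = f"{self.service} {self.version}".lower()
        return any(marker in text for marker in FIREWALL_MARKERS)


def parse_nmap_table(text: str) -> list[PortEntry]:
    """Extract port rows from nmap-style output; non-matching lines are ignored."""
    entries: list[PortEntry] = []
    for line in text.splitlines():
        match = PORT_LINE.match(line)
        if not match:
            continue
        entries.append(
            PortEntry(
                port=int(match["port"]),
                proto=match["proto"].lower(),
                state=match["state"].lower(),
                service=match["service"],
                version=match["version"] or "",
            )
        )
    return entries


def audit_vip(expected_open: set[int], scan_text: str) -> dict[str, list[int]]:
    """Compare one VIP's scan against the ports the mapped host should expose."""
    entries = parse_nmap_table(scan_text)
    open_ports = {e.port for e in entries if e.state == "open"}
    return {
        # Open on the external IP but not expected on the mapped host.
        "unexpected_open": sorted(open_ports - expected_open),
        # Expected on the mapped host but not reachable through the VIP.
        "missing": sorted(expected_open - open_ports),
        # Open ports whose banner shows the firewall itself is the endpoint.
        "firewall_answered": sorted(
            e.port for e in entries if e.state == "open" and e.answered_by_firewall()
        ),
    }


def audit_vips(vips: dict[str, tuple[set[int], str]]) -> dict[str, dict[str, list[int]]]:
    """Run audit_vip over a mapping of VIP name -> (expected ports, scan text)."""
    return {name: audit_vip(expected, text) for name, (expected, text) in vips.items()}


# Constructed sample scans: one VIP showing the behaviour from the post, one clean.
SCAN_VIP_WITH_8008 = """\
Port     Protocol  State  Service  Version
22       tcp       open   ssh      OpenSSH 7.2p2 Ubuntu 4ubuntu
8008     tcp       open   http     Fortinet FortiGuard block page
"""

SCAN_VIP_CLEAN = """\
PORT     STATE  SERVICE VERSION
22/tcp   open   ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu
8008/tcp closed http
"""

SAMPLE_VIPS = {
    "vip-example-a": ({22}, SCAN_VIP_WITH_8008),  # hypothetical VIP names
    "vip-example-b": ({22}, SCAN_VIP_CLEAN),
}

if __name__ == "__main__":
    for name, result in audit_vips(SAMPLE_VIPS).items():
        print(name, result)
```

Running this over scans of all 23 VIPs (with the real expected port set per mapped host) isolates the single VIP whose 8008 is served by the FortiGate, which is the comparison the later replies in this thread are asking about.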

    Markus
    New Member
    March 29, 2018

    This is for Blocking Page and Policy Override Authentication. You shouldn't close this port.

    https://docs.fortinet.com/uploaded/files/3020/fortinet-communication-ports-and-protocols-54.pdf

    eager2learn
    New Member
    March 29, 2018

    I will read that documentation.

    On the Fortigate 200D, 23 VIPs are created, all in the same way. Only one VIP has port 8008 open; on the other VIPs port 8008 is closed.

    Markus
    New Member
    March 29, 2018

    OK, that's strange. Do you have any UTM profile applied to this VIP/policy?