Isolate UDP ports 137 / 138 and TCP ports 139 / 445.

Forum|Forum|9 years ago
June 13, 2017
1 reply
7806 views

In my company we have an Fortigate 1200d v 5.2.4 can someone please help me so that i can isolate this ports due to Thank you very much.

5.2

EMES

New Member

If you mean blocking the ports, then create a security policy from inside to outside with the services below and SMB. Enter those commands into the CLI and then create the security policy and set the action to DENY.

config firewall service custom

edit NETBIOSNS

set udp-portrange 137

set udp-portrange 138

set tcp-portrange 139

hope that helps

ede_pfau

SuperUser

NETBIOSNS is a standard service, called "SAMBA", no need to configure as custom.

Include tcp/445, "SMB", in that servicegroup to deny Windows file sharing.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded