trubendall
New Member
January 18, 2018
Question

PCI and port 1000 & 1003

  • 2 replies
  • 10369 views

We are failing an external PCI scan because port 1000 and 1003 are open and listening on old security protocols. How can I disable these ports? I read that they are disabled by default, but they seem to be open. It looks like they are for Authentication. Thanks in advance.


    NeilG
    New Member
    January 22, 2018

    You say 1000/1003 are listening on old-security protocols. Whose old protocols? Built-in FortiGate or your own?

    What is the FortiGate model and firmware?

    Have you looked at your local-in policies?

    Have you opened a support ticket?

    dmcquade
    New Member
    January 23, 2018

    These are related to the keepalive for user authentication and not necessarily traffic trying to communicate outbound. You will see these messages when you have the logging set to log all traffic.

     

    HTH

    d

    emnoc
    New Member
    January 23, 2018

    The ports are controlled via sys global

    e.g.

     set auth-http-port

     set auth-https-port

    If you have fwpolicy enabled with user auth, then these are open.

     

    Ken

     

    darwin_FTNT
    Staff
    April 27, 2018

    I filed a bug report for this 0488051.  Hopefully it would be fixed if needed.  So far it seems fine if open... ???