Description
This article describes how to determine the Information Elements (IEs) used in GPRS Tunneling Protocol (GTP) traffic and how to whitelist an IE type in a FortiOS Carrier GTP profile when FortiCarrier drops GTP traffic because the IE type is not supported or is out of state.
Scope
FortiOS Carrier 6.2, FortiOS Carrier 6.4, FortiOS Carrier 7.0.
Solution
1) Perform a packet capture on FortiCarrier, in this example of GTP-C traffic:
# diag sniffer packet <interface name> "host x.x.x.x and host y.y.y.y and port 2123" 6 0 a
2) Convert and open the pcap file, then find and expand the GTPv2 packets. The IE type is listed in the packet details.
In this example, Aggregate Maximum Bit Rate (AMBR) IE will be used:
3) Create and apply an IE allow list to GTPv0/v1 or GTPv2 traffic accepted by GTP profile:
# config gtp ie-allow-list
    edit "allow-AMBR"
        config entries
            edit 1
                set message 35    <----- Modify Bearer Response
                set ie 72         <----- Aggregate Maximum Bit Rate (AMBR)
            next
        end
    next
end
# config firewall gtp
    edit <gtp-profile>
        ...
        set ie-allow-list-v2 "allow-AMBR"
    next
end
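To cross-check the message and IE numbers read from the capture in step 2 before entering them in step 3, the following added example (not Fortinet code) parses a GTPv2-C payload and builds the matching allow-list entry. It assumes the UDP payload has already been extracted from the converted pcap; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Constructed sample (not from a real capture): UDP payload of a GTPv2-C
# Modify Bearer Response (message type 35) with Cause (IE 2) and AMBR (IE 72).
SAMPLE = bytes.fromhex(
    "4823001a" "0000beef" "00000100"   # flags/type/length, TEID, sequence+spare
    "02000200" "1000"                  # IE 2: Cause, length 2
    "48000800" "000186a0" "000186a0"   # IE 72: AMBR, length 8 (uplink, downlink)
)

def parse_gtpv2(payload):
    """Return (message_type, [(ie_type, instance, value), ...])."""
    if len(payload) < 8:
        raise ValueError("too short for a GTPv2-C header")
    flags, msg_type, length = struct.unpack_from("!BBH", payload, 0)
    if flags >> 5 != 2:
        raise ValueError("not GTPv2")
    end = 4 + length                      # length counts bytes after octet 4
    if end > len(payload):
        raise ValueError("truncated message")
    offset = 12 if flags & 0x08 else 8    # T flag set: 4-byte TEID present
    ies = []
    while offset < end:
        if offset + 4 > end:
            raise ValueError("truncated IE header")
        ie_type, ie_len, inst = struct.unpack_from("!BHB", payload, offset)
        offset += 4
        if offset + ie_len > end:
            raise ValueError("IE length overruns message")
        ies.append((ie_type, inst & 0x0F, payload[offset:offset + ie_len]))
        offset += ie_len
    return msg_type, ies

def render_allow_list(name, msg_type, ie_type):
    """Build the ie-allow-list entry from step 3 for one message/IE pair."""
    return "\n".join([
        "config gtp ie-allow-list",
        f'    edit "{name}"',
        "        config entries",
        "            edit 1",
        f"                set message {msg_type}",
        f"                set ie {ie_type}",
        "            next",
        "        end",
        "    next",
        "end",
    ])

if __name__ == "__main__":
    msg_type, ies = parse_gtpv2(SAMPLE)
    print("message", msg_type, "IEs", [t for t, _, _ in ies])
    print(render_allow_list("allow-AMBR", msg_type, 72))
```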
Copyright 2024 Fortinet, Inc. All Rights Reserved.