This article describes how to block BGP port 179 on the WAN interface. Doing so helps prevent the port from being found by scans from external networks.
This also applies when port 179 is "open" for the IPs defined in an ippool (even if the ippool is not used).
In some scenarios it is required to block all BGP service in the network. In that case, a local-in policy can be used to block the unwanted BGP port on the WAN1 interface. The following example blocks traffic that matches the BGP firewall service.
# config firewall local-in-policy
    edit 1
        set intf wan1
        set srcaddr all
        set dstaddr all
        set action deny
        set service BGP
        set schedule always
end
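To confirm the rule is actually present in a saved configuration, the following added example (not Fortinet code) parses the local-in-policy table from a config text and reports whether an enabled policy denies BGP from all sources on a given interface. The function names are hypothetical, and it assumes a policy with no explicit `action` line is a deny and one with no `status` line is enabled.

```python
import shlex

def parse_local_in_policies(config_text):
    """Return {policy_id: {setting: [values]}} for the local-in-policy table."""
    policies, current, in_table = {}, None, False
    for raw in config_text.splitlines():
        tokens = shlex.split(raw.strip().lstrip("#"))  # drop a pasted "# " prompt
        if not tokens:
            continue
        if tokens[:3] == ["config", "firewall", "local-in-policy"]:
            in_table = True
        elif not in_table:
            continue
        elif tokens[0] == "edit" and len(tokens) > 1:
            current = policies.setdefault(tokens[1], {})
        elif tokens[0] == "set" and current is not None and len(tokens) > 2:
            current[tokens[1]] = tokens[2:]  # shlex already removed any quotes
        elif tokens[0] == "next":
            current = None
        elif tokens[0] == "end":  # closes the table, with or without "next"
            in_table, current = False, None
    return policies

def bgp_deny_policy(policies, interface):
    """Return the id of an enabled policy denying BGP from all sources, else None."""
    for policy_id, p in policies.items():
        if (p.get("status", ["enable"]) == ["enable"]
                # Assumption: a policy with no explicit action is treated as deny.
                and p.get("action", ["deny"]) == ["deny"]
                and {interface, "any"} & set(p.get("intf", []))
                and {"BGP", "ALL"} & set(p.get("service", []))
                and p.get("srcaddr") == ["all"] and p.get("dstaddr") == ["all"]):
            return policy_id
    return None

# The policy from this article, one command per line.
ARTICLE_CONFIG = "\n".join([
    "# config firewall local-in-policy", "edit 1", "set intf wan1",
    "set srcaddr all", "set dstaddr all", "set action deny",
    "set service BGP", "set schedule always", "end"])

# Constructed sample: the same rule, but switched off.
DISABLED_CONFIG = ARTICLE_CONFIG.replace("end", "set status disable\nnext\nend")

if __name__ == "__main__":
    for name, text in (("article", ARTICLE_CONFIG), ("disabled", DISABLED_CONFIG)):
        print(name, bgp_deny_policy(parse_local_in_policies(text), "wan1"))
```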