Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nverma
Staff
Staff

Created on ‎09-03-2019 06:27 AM

Article Id 193969

Technical Tip: How to configure custom port and port ranges into the ISDB entries.

Description
This article explains how to configure and add custom port and port ranges into the predefined ISDB entries.

Solution
Use the new CLI config firewall internet-service-addition command in system global to tune ISDB for the environment.

To add custom port range in global:
#config firewall internet-service-addition
  edit 65646
      set comment "Add custom port-range:tcp/8080-8090 into 65646"
      config entry
          edit 1
              set protocol 6
              config port-range
                    edit 1
                         set start-port 8080
                         set end-port 8090
                    next
              end
          next
      end
  next
end
To execute internet-service refresh to apply the change:
#FGT-201E (65646) # end
Warning: Configuration will only be applied after rebooting or using the 'execute internet-service refresh' command.
#FGT-201E (global) # exec internet-service refresh
Internet Service database is refreshed.
To verify that the change was applied:
#FGT-201E (global) # diagnose internet-service info FG-traffic 6 8080 2.20.183.160
Internet Service: 65646(Google.Gmail)
FGT-201E (global) #

Labels:
4520
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.