FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description In some situations, traffic via TCP port 2000 can be dropped. This article describes how to disable ALG for SCCP (TCP port 2000) traffic from CLI in case that port 2000 is being used from another application and needs to be allowed.
As from FortiOS 5.2, all SIP and SCCP (Skinny) traffic is processed by the VoIP ALG by default. In case that there is not valid SCCP traffic, the traffic will be dropped from ALG.
Solution Below the required commands to disable VOiP ALG for SCCP traffic.
#config voip profile (profile)#edit default (default)#config sccp (sccp)#set status disable (sccp)#end (default)#end