FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
gpap_FTNT
Staff
Staff
Description
In some situations, traffic via TCP port 2000 can be dropped.
This article describes how to disable ALG for SCCP (TCP port 2000) traffic from CLI in case that port 2000 is being used from another application and needs to be allowed.

As from FortiOS 5.2, all SIP and SCCP (Skinny) traffic is processed by the VoIP ALG by default. In case that there is not valid SCCP traffic, the traffic will be dropped from ALG.


Solution
Below the required commands to disable VOiP ALG for SCCP traffic.
#config voip profile
(profile)#edit default
(default)#config sccp
(sccp)#set status disable
(sccp)#end
(default)#end

Contributors