Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
amreason
New Contributor II

session helpers

I have a firewall in transparent mode.

Its performing no NAT no routing.

we are only using it as IDS/IPS

2 policies

Port 20-> Port 22 any any IDS Rules set to monitor

Port 22-> Port 20 any any IDS Rules set to monitor

 

Do I need to have any of the session helpers enabled.

I believe the SIP Helper was causing issues with our phones.

I don’t want any of the FTP or TFTP or DNS to have issues either.

 

1 Solution
ashukla_FTNT
Staff
Staff

Session helpers are required to open dynamic port(dynmaic policy) and create nat pinhole.

Now in transparent mode you don't have any nat, nor opening port is required as you have policy allowing traffic in both directions.

 

You can safely disable all the session helpers.

 

View solution in original post

1 REPLY 1
ashukla_FTNT
Staff
Staff

Session helpers are required to open dynamic port(dynmaic policy) and create nat pinhole.

Now in transparent mode you don't have any nat, nor opening port is required as you have policy allowing traffic in both directions.

 

You can safely disable all the session helpers.