My ISP provider said my cable modem is resetting itself and to check that the UDP port on the Fortigate is not on port 53 and to put it to another port
FG-60D
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hey James, just replied to your PM. Sorry I didn't catch this earlier.
FortiGuard going out over 53 is causing the modem to reboot. Certian providers freak out when they see that. If you switch it to 8888 it will work fine.
Mike Pruett
Yes this is a known issue. Fortiguard runs on a well-known service port BUT it is not DNS. Firewall, IPS, and DNS proxies could all act strange if it expects DNS format request/response and the traffic does not match so.
Ken
PCNSE
NSE
StrongSwan
Hi Ken
Thanks for the info. So are you saying more harm can be done than good if the port is changed from 53 and how many placing in the configuration would i have to make this change in the port config.
Thanks for the info guys and gals if there are any out there.
I am just getting into learning these devices so I am trying to get as much information as possible on this FG-60D firewall
James2000k wrote:In the GUI, browse to "Config", "Fortiguard", then click the blue arrow next to "Web Filtering and Email Filtering Options". When this drops down you will see the option to switch the port from 53 to 8888. The "Test Availability" button is right next to it.My ISP provider said my cable modem is resetting itself and to check that the UDP port on the Fortigate is not on port 53 and to put it to another port
FG-60D
Hope that helps
Bob
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Thanks for the info Bob. Out of curiosity is the user interface easy to navigate thru and what recommending reading would you suggest for the FG-60D
James2000k wrote:Once you wrap your head around the Forti-layout it gets very intuitive for the most part. Having a networking background certainly helps. You may have to learn a slightly different Forti-layout every major revision change, but it's no show stopper. You'll pick up on the flow pretty quickly.Thanks for the info Bob. Out of curiosity is the user interface easy to navigate thru and what recommending reading would you suggest for the FG-60D
<aside>Forti-layout is a term I just invented for the menu layout in the Fortigate world of firewalls. You probably won't find it anywhere else. ;-)</aside>
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
I can only see the GUI interface if i connect my pc to the console port on the Fortigate?
Also if i telnet into this device is there a set of commands to run or is it just better thru the GUI
FortiOS configuration is part GUI, part CLI. Some less frequently used features are 'migrated' to CLI-only from time to time to prevent GUI-overloading.
You can connect to the CLI via
- the Console port, a serial connection (9600-8-N-1), RJ45-to-DB9 cable is included. Terminal emulation software e.g. HyperTerm as included in Windows, or from the authors as Private Ed. v6.3
- ssh via LAN (forget telnet! sends password in cleartext over the LAN), using putty or any other ssh client
- in the GUI, Dashboard, Console widget
So usually: GUI via https, CLI via ssh or serial port.
Some prefer to work in the CLI only, as you can do everything here: config, debug, view logs, etc. Some tasks are easier in the GUI though, like said log viewing.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.