As per my understanding FGT & FAZ uses TCP port 514 & UDP 514 in log communication.
TCP port 514 used in RSH protocol to execute remote shell commands in FGT to get information also it is not secured compared to SSH protocol. so to understand how Fortinet securing the communication over internet using this protocol ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Kavi,
Hope you are doing well :).
Same as before:
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
I have finally found this document:
Could you please tell me if it helps?
Regards,
I already gone though this docs but not helpful to get the answers for my queries.
if anyone tested with pcap then they can see all the packets I mentioned above.
anyone having any idea to get the answers for all the queries?
wireshark parse traffic protocol based on port number by default, port 514 is well known port for syslog so it parses as RSH. You shall manually decoded it as TLS.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.