Hi,
I want to filter GTP traffic on the Fortigate 201F device used in the Telco system. When I examine the forward traffic logs, I only see GTP as the protocol. Ssh, ping, data, etc., are coming over GTP. However, I want to allow data access and block ping access. How can I do this?
Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @mmorcali ,
I don't have an experience with GTP traffic, but I did some research.
According to my research, you can inspect GTP traffic with a FortiCarrier add-on license. But this license just sells for above 2600F,3000F, and VM08 models. Because of that, it seems you can't inspect GTP traffic on 201F.
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
Hello,
Thank you for reaching out. IF you are only looking to create firewall policy based on GTP, you will need to create a GTP profile first:
https://docs.fortinet.com/document/fortigate/7.4.3/fortios-carrier/638010/configuring-gtp-profiles
config firewall gtp
edit <name>
set ...
end
If you are planning in the future to involve fortigate in GTP more I recommend upgraded license for fortios carrier which is limited to supported models:
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
Thank you,
saleha
Hello @mmorcali ,
I don't have an experience with GTP traffic, but I did some research.
According to my research, you can inspect GTP traffic with a FortiCarrier add-on license. But this license just sells for above 2600F,3000F, and VM08 models. Because of that, it seems you can't inspect GTP traffic on 201F.
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
Hello,
Thank you for reaching out. IF you are only looking to create firewall policy based on GTP, you will need to create a GTP profile first:
https://docs.fortinet.com/document/fortigate/7.4.3/fortios-carrier/638010/configuring-gtp-profiles
config firewall gtp
edit <name>
set ...
end
If you are planning in the future to involve fortigate in GTP more I recommend upgraded license for fortios carrier which is limited to supported models:
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
Thank you,
saleha
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1011 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.