How can I perform GTP (GPRS Tunneling Protocol) filtering on FortiGate 201F?
Hi,
I want to filter GTP traffic on the FortiGate 201F device used in the Telco system. When I examine the forward traffic logs, I only see GTP as the protocol. SSH, ping, data, etc., are coming over GTP. However, I want to allow data access and block ping access. How can I do this?
Thanks
Hello @mmorcali ,
I don't have experience with GTP traffic, but I did some research.
According to my research, you can inspect GTP traffic with a FortiCarrier add-on license. But this license just sells for above 2600F, 3000F, and VM08 models. Because of that, it seems you can't inspect GTP traffic on 201F.
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
NSE 4-5-6-7 OT Sec - ENT FW
Hello,
Thank you for reaching out. If you are only looking to create a firewall policy based on GTP, you will need to create a GTP profile first:
https://docs.fortinet.com/document/fortigate/7.4.3/fortios-carrier/638010/configuring-gtp-profiles
config firewall gtp
    edit <name>
        set ...
end
If you are planning in the future to involve FortiGate in GTP more, I recommend an upgraded license for FortiOS Carrier, which is limited to supported models:
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortios-carrier-licence.pdf
Thank you,
saleha
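
Added example, not part of the thread and not Fortinet code: the SSH, ping and data sessions in the question travel inside the GTP tunnel, so a policy matching only the outer packet sees "GTP" and nothing else. Assuming the user traffic is carried as GTPv1-U G-PDUs, this Python code parses the tunnel header and names the inner IPv4 protocol; all function names and sample packets are constructed for the illustration.

```python
import struct

G_PDU = 0xFF  # GTP-U message type that carries a tunnelled user packet
INNER_PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def parse_gtpu(payload: bytes):
    """Parse a GTPv1-U UDP payload (port 2152). Return (teid, inner) or None if not a G-PDU."""
    if len(payload) < 8:
        raise ValueError("truncated GTP-U header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", payload[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTPv1 with PT=1")
    if len(payload) < 8 + length:
        raise ValueError("length field exceeds payload")
    if msg_type != G_PDU:
        return None
    body = payload[8:8 + length]
    if flags & 0x07:  # E, S or PN set: sequence, N-PDU and next-ext octets follow
        if len(body) < 4:
            raise ValueError("truncated optional fields")
        next_ext, body = body[3], body[4:]
        while flags & 0x04 and next_ext:  # walk chained extension headers
            if not body or body[0] == 0 or len(body) < body[0] * 4:
                raise ValueError("bad extension header")
            ext_len = body[0] * 4
            next_ext, body = body[ext_len - 1], body[ext_len:]
    return teid, body

def classify_inner(payload: bytes) -> str:
    """Name the traffic inside the tunnel, which a rule on the outer packet cannot see."""
    parsed = parse_gtpu(payload)
    if parsed is None:
        return "gtp-u-control"
    inner = parsed[1]
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return "non-ipv4"
    ihl = (inner[0] & 0x0F) * 4
    if inner[9] == 1 and len(inner) > ihl and inner[ihl] == 8:
        return "icmp-echo-request"
    return INNER_PROTO.get(inner[9], f"ip-proto-{inner[9]}")

def build_sample(proto: int, l4: bytes, seq: bool = False) -> bytes:
    """Constructed sample: G-PDU (TEID 0x1234) wrapping a minimal IPv4 header plus l4."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                        bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + l4
    opt = struct.pack("!HBB", 1, 0, 0) if seq else b""
    return struct.pack("!BBHI", 0x32 if seq else 0x30, G_PDU,
                       len(opt) + len(inner), 0x1234) + opt + inner

if __name__ == "__main__":
    print(classify_inner(build_sample(1, bytes([8, 0, 0, 0, 0, 1, 0, 1]))))
    print(classify_inner(build_sample(6, bytes(20), seq=True)))
```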
