Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.

How to allow port 1443

I had added a custom Service under FIREWALL for TCP 1443 for destination and source. I also added a new address and created a policy based on it. However, users are still unable to log into the website. Any idea? I am using 200A.

ORIGINAL: ede_pfau
In case you wonder why everyone tells you to change the source ports and nobody tells you why:
- TCP/UDP services use specific DESTINATION ports. You identify your HTTP custom service by the destination port 1443. Clients connecting to your server use random SOURCE ports so you have to allow a port range. But you only have to allow from port 1024 upwards as ports below are reserved for services. The highest possible port number is 65535 (=64K - 1).
So that will fix your custom service definition. Again, if I could see your policy we could proceed from here.

Thanks everybody. Here's my policy and the edited source port range from 1024 to 65535

Can't embed 2 pics in one post?
ede_pfau
SuperUser

So you contact a remote server with a custom service. In order to have the reply traffic routed back to your network you have to enable NAT in the policy. Otherwise the server sends back replies to a private address which is not routed ("Users IP Range").
Ede Kernel panic: Aiee, killing interrupt handler!

Thanks Ede and pals here for your help!!!!
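
The source-port versus destination-port point from ede_pfau's reply can be checked offline before touching the firewall. The following is an added example, not code from the thread or from Fortinet: it parses service port definitions written as `dst[:src]` (the layout of the FortiOS `tcp-portrange` value), flags any whose source range would reject ordinary client ports, and tests a sample connection against each. The service names, the sample source port and the default source range are assumptions.

```python
CLIENT_SRC = (1024, 65535)  # client source-port range given in the thread


def parse_range(text):
    """'1443' -> (1443, 1443); '1024-65535' -> (1024, 65535)."""
    low, _, high = text.partition("-")
    lo, hi = int(low), int(high or low)
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"invalid port range: {text!r}")
    return lo, hi


def parse_portrange(value):
    """Parse space-separated 'dst[:src]' entries into (dst, src) range pairs.

    Assumption: an entry without ':src' allows source ports 1-65535.
    """
    pairs = []
    for item in value.split():
        dst, _, src = item.partition(":")
        pairs.append((parse_range(dst), parse_range(src) if src else (1, 65535)))
    return pairs


def matches(value, src_port, dst_port):
    """True if a connection src_port -> dst_port matches the service."""
    return any(d[0] <= dst_port <= d[1] and s[0] <= src_port <= s[1]
               for d, s in parse_portrange(value))


def audit(name, value):
    """Warn about entries whose source range excludes part of CLIENT_SRC."""
    return [f"{name}: dst {d[0]}-{d[1]} only accepts source ports {s[0]}-{s[1]}"
            for d, s in parse_portrange(value)
            if s[0] > CLIENT_SRC[0] or s[1] < CLIENT_SRC[1]]


# Constructed service definitions; the names are hypothetical.
SERVICES = {
    "tcp-1443-src-and-dst": "1443:1443",       # source also pinned to 1443
    "tcp-1443-corrected": "1443:1024-65535",   # source range from the thread
}

if __name__ == "__main__":
    for name, value in SERVICES.items():
        # 51512 is a constructed example of a random client source port
        print(name, matches(value, 51512, 1443), audit(name, value))
```

A definition that pins the source port to 1443 never matches a real client connection, so the policy built on it is not applied to that traffic; the corrected definition matches and produces no warning.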