TCP/0:0
Community,
I have the following configured on the FortiGate Service, Object configurations.
Can you open this object and share a screenshot of its config?
Like this?
I think it means TCP is simply not considered in this service.
Hmm.. Or perhaps the other way around, all IP addresses (0.0.0.0), all source ports (0) and all destination ports (0) are allowed.
To ignore or not to ignore, that is the question. ;)
So just test it. Put it in a test policy and see if it allows or denies any TCP.
Hmmm..
@AEK Thanks. Good tip. Honestly, did not think of it.
Okay. Done.
Once I added the "Web Access" services group the policy was being used, meaning the traffic did not match the TCP/0:0 filter.
The question then actually still remains.
What does TCP/0:0 mean and when will it be hit?
Source port = 0 and destination port = 0 ? If that is the case, what type of traffic, application, will that be?
Hi @WillemK,
TCP/0:0 means TCP destination port range from 0 to 0. If you only use UDP, you can simply change the Protocol Type to UDP.
Regards,
@hbac with all respect, TCP/0-1:0-1 means destination port 0 till 1 : source port 0 - 1 both TCP. So, TCP/0:0 means TCP (destination port 0 and source port 0).
My concern was, is, that TCP/0:0 would basically mean, TCP (destination port ANY and source port ANY).
But the test proved that this is incorrect.
Still I'm wondering why someone would add TCP/0:0 as a service?
You are correct for the first part. However, TCP/0:0 is the opposite of ANY. No traffic will use source or destination port 0 which means TCP traffic will never match this service. As I mentioned, if this custom service is used for only UDP you can change the Protocol Type to UDP.
Regards,
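The reading the thread settles on (`PROTO/dst:src`, with `0:0` being literal port 0 and not ANY), modelled as an added Python example; this is not FortiOS code or part of any post above. The service names, sample flows and the `never_matches` audit rule are constructed for illustration, and the parser assumes both the destination and source parts are present, as in the strings quoted in the thread.

```python
import re
from typing import NamedTuple, Tuple

class PortSpec(NamedTuple):
    proto: str
    dst: Tuple[int, int]   # (low, high) destination ports
    src: Tuple[int, int]   # (low, high) source ports

# Notation as written in the thread: PROTO/dst[-dst]:src[-src]
_SPEC = re.compile(r"^(TCP|UDP)/(\d+)(?:-(\d+))?:(\d+)(?:-(\d+))?$", re.I)

def parse_spec(text: str) -> PortSpec:
    m = _SPEC.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised service spec: {text!r}")
    proto, d_lo, d_hi, s_lo, s_hi = m.groups()
    dst = (int(d_lo), int(d_hi or d_lo))
    src = (int(s_lo), int(s_hi or s_lo))
    for lo, hi in (dst, src):
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range in {text!r}")
    return PortSpec(proto.upper(), dst, src)

def matches(spec: PortSpec, proto: str, sport: int, dport: int) -> bool:
    """Literal range match: 0 is treated as port 0, not as a wildcard."""
    return (proto.upper() == spec.proto
            and spec.dst[0] <= dport <= spec.dst[1]
            and spec.src[0] <= sport <= spec.src[1])

def never_matches(spec: PortSpec) -> bool:
    """Audit rule (assumption, following the last reply): an entry pinned to
    port 0 on either side will not be hit by ordinary traffic."""
    return spec.dst == (0, 0) or spec.src == (0, 0)

# Constructed sample data: hypothetical service names and (proto, sport, dport) flows.
SERVICES = {"odd-entry": "TCP/0:0", "narrow": "TCP/0-1:0-1",
            "https": "TCP/443:1024-65535"}
FLOWS = [("TCP", 51512, 443), ("TCP", 40000, 80), ("TCP", 0, 0)]

def audit(services=SERVICES, flows=FLOWS):
    report = {}
    for name, text in services.items():
        spec = parse_spec(text)
        hits = sum(matches(spec, *flow) for flow in flows)
        report[name] = {"dead": never_matches(spec), "hits": hits}
    return report

if __name__ == "__main__":
    for name, row in audit().items():
        print(name, row)
```

Under this model the web flows never touch the `TCP/0:0` entry, which agrees with the test policy result reported in the thread; only the synthetic port-0 flow hits it.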