TCP port 179 is open in firewall
Why is TCP port 179 open in the firewall even though BGP is not used?
Because it is scanned as being open.
Is there any way to disable it?
Labels: FortiGate
Let's consider this topology:
172.16.1.1 ------ [LAN1|FGT|LAN2] ----- 192.168.1.1
LAN1 IP address: 172.16.1.2
You can block ping from 172.16.1.1 to 192.168.1.1 using firewall policy with srcintf LAN1 and dstintf LAN2.
But to block ping from 172.16.1.1 to 172.16.1.2, you need a local-in policy.
Easy example: In the GUI navigate to Network > Interface. Edit an interface and allow administrative access for ping.
This simply creates a local-in policy allowing ping on this interface.
You can display local-in policies in the GUI under System > Feature Visibility.
If you don't allow administrative access for ping on the interface, the default local-in policy is used, which is action=drop.
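As an added example (not from this thread and not Fortinet's own KB text): a pair of local-in policies on the WAN interface that keep the BGP session with the ISP working while dropping every other TCP/179 connection attempt, which is what the security team is asking for. The interface name `wan1`, the peer address `203.0.113.1`, and the object names are assumed placeholders; local-in policies are evaluated in sequence, so the accept entry must come before the deny entry.

```fortios
# Address object for the single ISP BGP peer (placeholder address).
config firewall address
    edit "ISP-BGP-Peer"
        set subnet 203.0.113.1 255.255.255.255
    next
end

# Custom service for BGP; the predefined "BGP" service could be used instead.
config firewall service custom
    edit "BGP-TCP-179"
        set tcp-portrange 179
    next
end

# Local-in policies control traffic destined to the FortiGate itself,
# which is where the BGP daemon listens. Firewall policies (srcintf/dstintf)
# never see this traffic, so they cannot close port 179.
config firewall local-in-policy
    # 1) Accept BGP only from the known ISP peer on the WAN interface.
    edit 1
        set intf "wan1"
        set srcaddr "ISP-BGP-Peer"
        set dstaddr "all"
        set service "BGP-TCP-179"
        set schedule "always"
        set action accept
    next
    # 2) Drop TCP/179 from everyone else arriving on the WAN interface.
    edit 2
        set intf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "BGP-TCP-179"
        set schedule "always"
        set action deny
    next
end
```

After applying this, an external scan should report port 179 as filtered, while `get router info bgp summary` still shows the ISP neighbor in the Established state.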
Hello! You can block incoming traffic with local-in policies:
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
You can define incoming interface, protocol, port... And allow or block the traffic matching your settings.
Hi @BusinessUser,
Do you have BGP configured on the FortiGate? Do you have any VIP/Virtual server for port forwarding on TCP 179?
Regards,
There is BGP enabled to communicate with the ISP router.
However, the security team is unhappy that port 179 is open to all.
So should I use a local-in policy or a firewall policy?
Why is port 179 open to all in the first place?
Hi @BusinessUser,
Please refer to this article for more detail "https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-close-BGP-port-179-with-Local-in-po...
Regards,
Minh
Hi All,
I need help.
There is BGP enabled to communicate with the ISP router.
However, the security team is unhappy that port 179 is open to all.
So should I use a local-in policy or a firewall policy?
Why is port 179 open to all in the first place?
Hi,
Please follow the KB for blocking port 179 with a local-in policy - https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-close-BGP-port-179-with-Local-in-po...
Best regards,
Erlin
Still doesn't answer the question.
What is the difference between using a local-in policy or a firewall policy?
Why is port 179 open to all in the first place?
Hi,
Here you can find the doc for the Firewall Policy - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/656084/firewall-policy
Local-in Policy - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
Port 179 is open by default - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/895321/view-open-and-in-use-...
Best regards,
Erlin