Why is tcp port 179 open in firewall even though BGP is not used?
Because it is scanned as being open.
Is there any way to disable it?
Let's consider this topology:
172.16.1.1 ------ [LAN1|FGT|LAN2] ----- 192.168.1.1
LAN1 IP address: 172.16.1.2
You can block ping from 172.16.1.1 to 192.168.1.1 using firewall policy with srcintf LAN1 and dstintf LAN2.
But to block ping from 172.16.1.1 to 172.16.1.2, you need a local-in policy.
Easy example: In the GUI navigate to Network > Interface. Edit an interface and allow administrative access ping.
This simply creates a local-in policy allow for ping on this interface.
You can display local-in policies in the GUI in System > Feature Visibility.
If you don't allow administrative access ping on the interface, the default local-in policy is used, which is action=drop.
Hello! You can block incoming traffic with local-in policies:
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
You can define incoming interface, protocol, port... And allow or block the traffic matching your settings.
Hi @BusinessUser,
Do you have BGP configured on the FortiGate? Do you have any VIP/Virtual server for port forwarding on TCP 179?
Regards,
There is BGP enabled to communicate with the ISP router.
However, the security team is unhappy that port 179 is open to all.
So should I use a local-in policy or a firewall policy?
Why is port 179 open to all in the first place?
Hi @BusinessUser,
Please refer to this article for more detail "https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-close-BGP-port-179-with-Local-in-po...
Regards,
Minh
Hi,
Please follow the KB for blocking port 179 with a local-in policy - https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-close-BGP-port-179-with-Local-in-po...
Best regards,
Erlin
Still doesn't answer the question.
What is the difference between using a local-in policy or a firewall policy?
Why is port 179 open to all in the first place?
Hi,
Here you can find the doc for the Firewall Policy - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/656084/firewall-policy
Local-in Policy - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
Port 179 is open by default - https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/895321/view-open-and-in-use-...
Best regards,
Erlin
Copyright 2024 Fortinet, Inc. All Rights Reserved.