BusinessUser
Contributor

TCP port 179 is open in firewall

Why is TCP port 179 open in the firewall even though BGP is not used?

Because it is scanned as being open.

Is there any way to disable it?

1 Solution
nweckel

Let's consider this topology:
172.16.1.1 ------ [LAN1|FGT|LAN2] ----- 192.168.1.1
LAN1 IP address: 172.16.1.2

You can block ping from 172.16.1.1 to 192.168.1.1 using a firewall policy with srcintf LAN1 and dstintf LAN2.
But to block ping from 172.16.1.1 to 172.16.1.2, you need a local-in policy.

Easy example: in the GUI navigate to Network > Interface. Edit an interface and allow administrative access ping.
This simply creates a local-in policy allowing ping on this interface.
You can display local-in policies in the GUI via System > Feature Visibility.
If you don't allow administrative access ping on the interface, the default local-in policy is used, which is action=drop.


25 REPLIES
nweckel
Staff

Hello! You can block incoming traffic with local-in policies:

https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy

You can define incoming interface, protocol, port... And allow or block the traffic matching your settings.

BusinessUser

Why is tcp port 179 open in firewall even though BGP is not used?

hbac
Staff

Hi @BusinessUser,


Do you have BGP configured on the FortiGate? Do you have any VIP/Virtual server for port forwarding on TCP 179?


Regards,

BusinessUser

There is BGP enabled to communicate with the ISP router.

However the security team is unhappy that port 179 is open to all.

So should I use a local-in policy or a firewall policy?

Why is port 179 open to all in the first place?

mle2802
Staff
BusinessUser
Contributor

Hi All,

I need help.


esalija
Staff

Hi,

Please follow the KB to block port 179 with a local-in policy - https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-close-BGP-port-179-with-Local-in-po...

Best regards,

Erlin

BusinessUser

Still doesn't answer the question.


What is the difference between using a local-in policy or a firewall policy?

Why is port 179 open to all in the first place?
