Hi everyone,
I'm facing an issue with FortiGate Application Control. I have a profile configured to block all applications, including Telnet and Unknown traffic. The problem occurs when I test Telnet using the command:
telnet pop.gmx.net 110
Instead of being blocked, this connection goes through, and in the logs, it gets categorized as "Unknown" rather than Telnet. Even though I’ve set Application Control to block Unknown traffic, it still allows the connection.
Telnet over port 110 (normally used for POP3) is not getting blocked or recognized as Telnet—it’s instead showing up as "Unknown" but still not being blocked.
Thanks for your help!
FLorian
config:
config application list
edit "TEMP_PERIMETER"
set enforce-default-app-port enable
set unknown-application-action block
set unknown-application-log enable
config entries
edit 1
set application 16091
next
edit 2
set category 2 3 5 6 7 8 12 15 17 21 22 23 25 26 28 29 30 31 32
next
edit 3
set action pass
next
end
next
end
config firewall policy
edit 1071741840
set name "TEST"
set uuid 9b0f2c98-7408-51ef-afa2-775104cae6d8
set srcintf "Z_INSIDE"
set dstintf "virtual-wan-link"
set action accept
set srcaddr "HOST_TEST_WIN007"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "TEMP_DEEP-INSPECTION"
set av-profile "TEMP_AV_default"
set webfilter-profile "TEMP_Web-Filter"
set dnsfilter-profile "TEMP_DNS-Filter"
set file-filter-profile "TEMP_Basic"
set ips-sensor "TEMP_IPS_strict"
set application-list "TEMP_PERIMETER"
set logtraffic all
set nat enable
set ippool enable
set poolname "NAT-POOL_INTERNET"
next
end
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.