Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ZackFord
New Contributor

allowaccess fgfm and Port 541

So we use a FortiManager to manage all our remote firewalls. To enable the manager access to the remote fortigates you have to enable fgfm-access in the interface that it will be connecting to. When you do this, it open up port 541. All other management interfaces (ssh http/https telnet ping snmp) get restricted to trusted hosts, but fgfm-access gets opened up to the whole internet. Now the port is secure, but auditors freak out and customers don' t understand. Does anyone have any idea if there is a way to make this port appear as closed on a port scan instead of open? The best i have come up with is something like this: config firewall local-in-policy edit 2 set intf " port7" set srcaddr " Test_Public" set dstaddr " all" set service " FortiManager_541" set schedule " always" set action accept next edit 1 set intf " port7" set srcaddr " all" set dstaddr " all" set service " FortiManager_541" set schedule " always" set action deny next end This at least changes the state to filtered on a port scan. Let me know if anyone has any ideas.
FCNSA/FCNSP
FCNSA/FCNSP
1 REPLY 1
rwpatterson
Valued Contributor III

welcome to the forums. If the source IP for the FortiMgr is always the same, ONLY allow that IP access, and DENY all the rest. Never mind... I see that' s what you have done.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors