Fortinet 100 Network Card User Manual


 
156 Fortinet Inc.
Providing access to custom services Firewall configuration
Providing access to custom services
Add a custom service if you need to create a policy for a service that is not in the
predefined service list.
1 Go to Firewall > Service > Custom.
2 Select New.
3 Enter a Name for the service. This name appears in the service list used when you
add a policy.
The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and
the special characters - and _. Other special characters and spaces are not allowed.
4 Select the Protocol (either TCP or UDP) used by the service.
5 Specify a Source and Destination Port number range for the service by entering the
low and high port numbers. If the service uses one port number, enter this number in
both the low and high fields.
6 If the service has more than one port range, select Add to specify additional protocols
and port ranges.
If you mistakenly add too many port range rows, select Delete to remove each
extra row.
7 Select OK to add the custom service.
You can now add this custom service to a policy.
Grouping services
To make it easier to add policies, you can create groups of services and then add one
policy to provide or block access for all the services in the group. A service group can
contain predefined services and custom services in any combination. You cannot add
service groups to another service group.
1 Go to Firewall > Service > Group.
TCP All TCP ports. tcp 0-65535
TELNET Telnet service for connecting to a remote
computer to run commands.
tcp 23
TFTP Trivial file transfer protocol, a simple file
transfer protocol similar to FTP but with no
security features.
udp 69
UDP All UDP ports. udp 0-65535
UUCP Unix to Unix copy utility, a simple file copying
protocol.
udp 540
VDOLIVE For VDO Live streaming multimedia traffic. tcp 7000-7010
WAIS Wide Area Information Server. An Internet
search protocol.
tcp 210
WINFRAME For WinFrame communications between
computers running Windows NT.
tcp 1494
X-WINDOWS For remote communications between an
X-Window server and X-Window clients.
tcp 6000-6063
Table 5: FortiGate predefined services (Continued)
Service name Description Protocol Port