
Table 5 – Fortinet FortiGate 100 User Manual

Page 154


Fortinet Inc.

Predefined services

Firewall configuration

Table 5: FortiGate predefined services

| Service name | Description | Protocol | Port |
|---|---|---|---|
| ANY | Match connections on any port. A connection that uses any of the predefined services is allowed through the firewall. | all | all |
| GRE | Generic Routing Encapsulation. A protocol that allows an arbitrary network protocol to be transmitted over any other arbitrary network protocol, by encapsulating the packets of the protocol within GRE packets. | 47 | |
| AH | Authentication Header. AH provides source host authentication and data integrity, but not secrecy. This protocol is used for authentication by IPSec remote gateways set to aggressive mode. | 51 | |
| ESP | Encapsulating Security Payload. This service is used by manual key and AutoIKE VPN tunnels for communicating encrypted data. AutoIKE key VPN tunnels use ESP after establishing the tunnel using IKE. | 50 | |
| AOL | AOL instant messenger protocol. | tcp | 5190-5194 |
| BGP | Border Gateway Protocol routing protocol. BGP is an interior/exterior routing protocol. | tcp | 179 |
| DHCP-Relay | Dynamic Host Configuration Protocol (DHCP) allocates network addresses and delivers configuration parameters from DHCP servers to hosts. | udp | 67 |
| DNS | Domain name service for translating domain names into IP addresses. | tcp | 53 |
| | | udp | 53 |
| FINGER | A network service that provides information about users. | tcp | 79 |
| FTP | FTP service for transferring files. | tcp | 21 |
| GOPHER | Gopher communication service. Gopher organizes and displays Internet server contents as a hierarchically structured list of files. | tcp | 70 |
| H323 | H.323 multimedia protocol. H.323 is a standard approved by the International Telecommunication Union (ITU) that defines how audiovisual conferencing data is transmitted across networks. | tcp | 1720, 1503 |
| HTTP | HTTP is the protocol used by the world wide web for transferring data for web pages. | tcp | 80 |
| HTTPS | HTTP with secure socket layer (SSL) service for secure communication with web servers. | tcp | 443 |
| IKE | IKE is the protocol to obtain authenticated keying material for use with ISAKMP for IPSEC. | udp | 500 |
| IMAP | Internet Message Access Protocol is a protocol used for retrieving email messages. | tcp | 143 |
| Internet-Locator-Service | Internet Locator Service includes LDAP, User Locator Service, and LDAP over TLS/SSL. | tcp | 389 |