FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes the option that allows the default service port range to be customized from CLI.
Solution - Before version 6.2.0, the default service port is 1-65535, so in case when client is generating traffic with source port as 0 then the traffic is not allowed by FortiGate.
# sh fu | grep default-service set default-service-source-port 1-65535
- With the introduction of command ‘default-service-source-port’ it allows to set new service port range that starts with 0 and ends with 65535.
- The minimum value down to 0 and a maximum value up to 65535.
# config system global set default-service-source-port <port range> end
Where <port range> is the new default service port range.
Note: This change takes effect on the TCP/UDP protocol.
