Created on 04-08-2009 01:00 AM Edited on 02-05-2024 02:33 AM By Jean-Philippe_P
Description
In Fortinet terminology, a Custom Service is a user-defined service, as opposed to the predefined services that already exist on the FortiGate. A service can be thought of as a traffic type: it specifies the protocol (TCP, UDP or ICMP, for example) together with the logical destination ports.
Scope
Applies to FortiGate in NAT mode or Transparent mode.
Solution
To create a custom service using the web-based manager:
From the navigation panel select Firewall > Service > Custom.
Select Create New.
Enter a name for the service and select a Protocol Type. For this example, TCP/UDP is selected.
Select TCP or UDP from Protocol.
Leave the source port range as 1-65535. Restricting the source port to the service's own port is a very common mistake: clients connect from random ephemeral ports, so the traffic would never match.
Enter the port or ports the service listens on as the destination port.
Select OK.
With the custom service created, it can now be selected in a firewall policy.
Note that in FortiOS a custom service can also be created while a new policy is being created, using the 'Create New' option when selecting the service for that policy. See below.
Pass the traffic through the FortiGate unit and check the session table from the status page. If the custom service is not configured correctly, or is not applied to a firewall policy, the corresponding traffic may be blocked or may match a different firewall policy than intended. The following check confirms which policy the sessions actually hit.
Go to System > Status > Top Sessions and select Details beside the session count. Set up a filter based on the port.
To create a custom service using the CLI, enter the following commands:
config firewall service custom
    edit <name>
        set protocol TCP/UDP
        set tcp-portrange <destination port range>
        set udp-portrange <destination port range>
    next
end
For example, a service that matches destination port 8080 over TCP or UDP (the service name and port are illustrative):
config firewall service custom
    edit "Custom_8080"
        set protocol TCP/UDP
        set tcp-portrange 8080
        set udp-portrange 8080
    next
end
Once the service is created, it must be applied to a firewall policy before it takes effect.
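As an added example (not part of the original article), the two points above in CLI form: the destination:source port syntax that avoids the source-port mistake, and the session-table check done from the CLI instead of the status page. The service name Custom_8080 and port 8080 are illustrative; `diagnose sys session filter` and `diagnose sys session list` are standard FortiOS diagnostics, and the `policy_id=` field is part of the normal session list output.

```fortios
# Illustrative service: TCP 8080 as the destination port. The value after the
# colon is the allowed SOURCE port range. Keep it at 1-65535 (or omit it, which
# is the default); clients connect from random ephemeral ports.
config firewall service custom
    edit "Custom_8080"
        set protocol TCP/UDP
        set tcp-portrange 8080:1-65535
    next
end

# Wrong form, shown for contrast only: this matches only clients whose SOURCE
# port is also 8080, so normal traffic never hits the policy that uses it.
#     set tcp-portrange 8080:8080

# Verification: pass some traffic, then list the live sessions whose
# destination port is 8080 and read the policy_id= field of each entry.
# An id other than the policy the service was added to means the traffic
# is matching a different (earlier) policy; no entries at all means the
# traffic is being dropped before a session is created.
diagnose sys session filter clear
diagnose sys session filter dport 8080
diagnose sys session list

# Remove the filter afterwards so later session listings are not restricted.
diagnose sys session filter clear
```

On recent FortiOS releases the protocol keyword is shown as TCP/UDP/SCTP rather than TCP/UDP; use whichever the CLI on the unit offers. The same dst:src syntax applies to `set udp-portrange`.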
Copyright 2024 Fortinet, Inc. All Rights Reserved.