Description |
This article explains how to configure an IPv4 DoS policy on FortiGate for use with Zoom meetings. Zoom meetings generate a large volume of UDP packets, which can easily trigger the udp_flood anomaly on an IPv4 DoS policy. This can cause a number of issues resulting in poor quality communication. |
Scope | FortiGate |
Solution |
Zoom requires TCP ports 80 and 443 and UDP ports 3478, 3479 and 8801-8810. See the Zoom network firewall or proxy server settings:
If the IPv4 DoS policy is dropping Zoom UDP packets because they trigger the udp_flood anomaly, it is necessary to allow the UDP ports that Zoom uses. This can be done in a separate IPv4 DoS policy so that the normal DoS policy is still effective.
Here is an example of how the service object should be configured:
In this example, port1 was used. The interface needs to be the Internet-facing WAN interface.
The result will be that traffic from Zoom servers will hit the Zoom-bypass DoS policy and not trigger the udp_flood. If the action is set to 'monitor' the traffic will pass through but will be shown in the Anomaly logs as 'detected'. |
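The service object and the two DoS policies described above, written as FortiOS CLI; this is an added example, not configuration from the original article. The names Zoom-UDP and General-DoS, the policy IDs, the "all" address objects and the contents of the second policy are assumptions, while port1, Zoom-bypass and the UDP ports come from the text.

```fortios
# Service object holding only the UDP ports Zoom uses (name is an assumption).
config firewall service custom
    edit "Zoom-UDP"
        set udp-portrange 3478-3479 8801-8810
    next
end

config firewall DoS-policy
    # Bypass policy: matches only the Zoom UDP ports on the WAN interface.
    # It is listed before the general policy so Zoom traffic matches here.
    # If a general policy already exists, reorder with "move" so this one is first.
    edit 1
        set name "Zoom-bypass"
        set interface "port1"
        # "all" is an assumption; a narrower address object limits what bypasses.
        set srcaddr "all"
        set dstaddr "all"
        set service "Zoom-UDP"
        config anomaly
            edit "udp_flood"
                set status enable
                set log enable
                # "pass" with logging is the CLI form of the GUI 'monitor' action:
                # traffic is forwarded and logged as 'detected' in the Anomaly logs.
                set action pass
            next
        end
    next
    # Normal policy (assumed): still blocks UDP floods for all other services.
    edit 2
        set name "General-DoS"
        set interface "port1"
        set srcaddr "all"
        set dstaddr "all"
        set service "ALL"
        config anomaly
            edit "udp_flood"
                set status enable
                set log enable
                set action block
            next
        end
    next
end
```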
Copyright 2024 Fortinet, Inc. All Rights Reserved.