Created on 02-27-2009 02:24 PM
By default, when a communication session is accepted by an identity-based firewall policy, the user must authenticate. This applies to firewall policies that use the FTP, HTTP, HTTPS, or Telnet protocol. The user authenticates by entering a user name and password before being able to communicate through the FortiGate. By default, users can only authenticate with a communication session that uses the standard FTP, HTTP, HTTPS, or Telnet TCP ports: 21, 80, 443, and 23 respectively.
This feature was not available in 3.0. Administrators can set up authentication for ports other than these standard ports.
config user setting
    config auth-ports
        edit 1
            set port 8080
            set type http
        next
        edit 2
            set port 8008
            set type http
        next
        edit 3
            set port 4523
            set type telnet
    end
end
Use the commands above if your firewall users need to authenticate with the FortiGate unit and they use a nonstandard port for FTP, HTTP, HTTPS, or Telnet sessions.
For each protocol, adding nonstandard authentication ports does not change the standard authentication port. Instead, this command adds additional nonstandard authentication ports. The standard authentication port remains valid and cannot be changed.
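When reviewing a configuration, it helps to list every port on which authentication is accepted for each protocol. The following is an added example, not Fortinet code: the function names are hypothetical and the input is a constructed excerpt mirroring the commands above. It reads the auth-ports table and returns the standard port plus each added nonstandard port.

```python
# Standard ports as listed in the article; they stay valid when ports are added.
STANDARD_PORTS = {"ftp": 21, "http": 80, "https": 443, "telnet": 23}
# Constructed sample input: the article's commands, last entry closed by "end".
SAMPLE_CONFIG = """\
config user setting
    config auth-ports
        edit 1
            set port 8080
            set type http
        next
        edit 2
            set port 8008
            set type http
        next
        edit 3
            set port 4523
            set type telnet
    end
end
"""

def parse_auth_ports(config_text):
    """Return one dict per 'edit' entry inside 'config auth-ports'."""
    entries, current, in_table = [], None, False
    for raw in config_text.splitlines():
        words = raw.split() or [""]
        if words == ["config", "auth-ports"]:
            in_table = True
        elif in_table and words[0] == "edit" and len(words) >= 2:
            current = {"id": words[1]}
        elif in_table and current and words[0] == "set" and len(words) >= 3:
            current[words[1]] = words[2]
        elif in_table and words[0] in ("next", "end"):
            if current:                    # "next" and "end" both save the entry
                entries.append(current)
            current = None
            in_table = words[0] != "end"   # "end" closes the auth-ports table
    return entries

def effective_ports(config_text):
    """Per protocol: the standard port first, then each added nonstandard port."""
    ports = {proto: [std] for proto, std in STANDARD_PORTS.items()}
    for entry in parse_auth_ports(config_text):
        proto, port = entry.get("type"), int(entry["port"])
        if proto not in ports:
            raise ValueError(f"entry {entry['id']}: unknown type {proto!r}")
        ports[proto].append(port)
    return ports
```

Calling effective_ports(SAMPLE_CONFIG) gives the full set of authentication ports to compare against the firewall policies that are expected to require authentication.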
Related Articles
Technical Tip : Triggering NTLM authentication on HTTP and HTTPS non standard ports