Fortinet Document Library

Version:

Version:

Version:

Version:

Version:


Table of Contents

Handbook

Creating service objects

FortiADC provides more than two dozen predefined services, as shown on the Shared Resources > Service > Service page. In addition, it allows you to create your service objects as well. Service objects are an important part of the following policy configurations:

  • Firewall policies
  • QoS policies
  • Connection limit policies
  • Link load balancing policies

Note: For link load-balancing, you can also add service objects to service groups; then use service groups in LLB policies.

Basic Steps
  1. Create service objects.
  2. Select them when you configure service groups or policies.

Before you begin:

  • You must have Read-Write permission for System settings.
To create a service object:
  1. Go to Shared Resources > Service.
  2. Select the Service tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in Service object configuration.
  5. Save the configuration.

Service object configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

Note: Once created, the name cannot be changed.

Protocol Type

Select one of the following:

  • ip (default)
  • icmp
  • tcp
  • udp
  • tcp-and-udp
  • sctp

Protocol

1

Note: This applies only when Protocol Type is to set to IP. In that case, it displays the protocol number without port.

Specify Source Port

This option becomes available when TCP, UDP, SCTP, or TCP-AND-UDP is selected as the protocol type. When selected, you also need to specify the Minimum Source Port and Maximum Source Port below.

Minimum Source Port

1

Maximum Source Port

65535

Minimum Destination Port

1

Maximum Destination Port

-65535

Creating service objects

FortiADC provides more than two dozen predefined services, as shown on the Shared Resources > Service > Service page. In addition, it allows you to create your service objects as well. Service objects are an important part of the following policy configurations:

  • Firewall policies
  • QoS policies
  • Connection limit policies
  • Link load balancing policies

Note: For link load-balancing, you can also add service objects to service groups; then use service groups in LLB policies.

Basic Steps
  1. Create service objects.
  2. Select them when you configure service groups or policies.

Before you begin:

  • You must have Read-Write permission for System settings.
To create a service object:
  1. Go to Shared Resources > Service.
  2. Select the Service tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in Service object configuration.
  5. Save the configuration.

Service object configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

Note: Once created, the name cannot be changed.

Protocol Type

Select one of the following:

  • ip (default)
  • icmp
  • tcp
  • udp
  • tcp-and-udp
  • sctp

Protocol

1

Note: This applies only when Protocol Type is to set to IP. In that case, it displays the protocol number without port.

Specify Source Port

This option becomes available when TCP, UDP, SCTP, or TCP-AND-UDP is selected as the protocol type. When selected, you also need to specify the Minimum Source Port and Maximum Source Port below.

Minimum Source Port

1

Maximum Source Port

65535

Minimum Destination Port

1

Maximum Destination Port

-65535