Fortinet Document Library

Version:


Table of Contents

New Features

6.2.0
Download PDF
Copy Link

Internet Service Customization

This version introduces new flexibility to tune Internet Service DB (ISDB) entries for their environments. A new CLI option allows the admin to add custom port and port ranges into their predefined ISDB entries.

Use the new CLI config firewall internet-service-addition command in system global to tune ISDB for your environment.

To add custom port range in global:
config firewall internet-service-addition
  edit 65646
      set comment "Add custom port-range:tcp/8080-8090 into 65646"
      config entry
          edit 1
              set protocol 6
              config port-range
                    edit 1
                         set start-port 8080
                         set end-port 8090
                    next
              end
          next
      end
  next
end
To execute internet-service refresh to apply the change:
 FGT-201E (65646) # end
 Warning: Configuration will only be applied after rebooting or using the 'execute internet-service refresh' command.

 FGT-201E (global) # exec internet-service refresh
 Internet Service database is refreshed.
To verify that the change was applied:
 FGT-201E (global) # diagnose internet-service info FG-traffic 6 8080 2.20.183.160
 Internet Service: 65646(Google.Gmail)
 FGT-201E (global) #

Internet Service Customization

This version introduces new flexibility to tune Internet Service DB (ISDB) entries for their environments. A new CLI option allows the admin to add custom port and port ranges into their predefined ISDB entries.

Use the new CLI config firewall internet-service-addition command in system global to tune ISDB for your environment.

To add custom port range in global:
config firewall internet-service-addition
  edit 65646
      set comment "Add custom port-range:tcp/8080-8090 into 65646"
      config entry
          edit 1
              set protocol 6
              config port-range
                    edit 1
                         set start-port 8080
                         set end-port 8090
                    next
              end
          next
      end
  next
end
To execute internet-service refresh to apply the change:
 FGT-201E (65646) # end
 Warning: Configuration will only be applied after rebooting or using the 'execute internet-service refresh' command.

 FGT-201E (global) # exec internet-service refresh
 Internet Service database is refreshed.
To verify that the change was applied:
 FGT-201E (global) # diagnose internet-service info FG-traffic 6 8080 2.20.183.160
 Internet Service: 65646(Google.Gmail)
 FGT-201E (global) #