Fortinet white logo
Fortinet white logo

FortiOS Carrier

APN filtering

APN filtering

An Access Point Name (APN) is an Information Element (IE) included in the header of a GTP packet. APNs provide information about how to reach a network. An APN has the following format:

<network_id>[.mnc<mnc_int>.mcc<mcc_int>.gprs]

Where:

  • <network_id> is a network identifier or name that identifies the name of a network, for example, example.com or internet.
  • [.mnc<mnc_int>.mcc<mcc_int>.gprs] is the optional operator identifier that uniquely identifies the operator’s PLMN, for example, mnc123.mcc456.gprs.

Combining these two examples results in a complete APN of internet.mnc123.mcc456.gprs.

By default, GTP profiles allow all APNs. You configure APN filtering to restrict the APNs that users can access.

You can APN filtering to GTP create pdp request messages (GTPv1) and create session request messages (GTPv2). FortiOS Carrier inspects GTP packets for both APN and selected modes. If both parameters match an APN filter entry, FortiOS Carrier applies the filter action the traffic.

Additionally, FortiOS Carrier can filter GTP packets based on the combination of an IMSI prefix and an APN.

APN filtering

APN filtering

An Access Point Name (APN) is an Information Element (IE) included in the header of a GTP packet. APNs provide information about how to reach a network. An APN has the following format:

<network_id>[.mnc<mnc_int>.mcc<mcc_int>.gprs]

Where:

  • <network_id> is a network identifier or name that identifies the name of a network, for example, example.com or internet.
  • [.mnc<mnc_int>.mcc<mcc_int>.gprs] is the optional operator identifier that uniquely identifies the operator’s PLMN, for example, mnc123.mcc456.gprs.

Combining these two examples results in a complete APN of internet.mnc123.mcc456.gprs.

By default, GTP profiles allow all APNs. You configure APN filtering to restrict the APNs that users can access.

You can APN filtering to GTP create pdp request messages (GTPv1) and create session request messages (GTPv2). FortiOS Carrier inspects GTP packets for both APN and selected modes. If both parameters match an APN filter entry, FortiOS Carrier applies the filter action the traffic.

Additionally, FortiOS Carrier can filter GTP packets based on the combination of an IMSI prefix and an APN.