Fortinet white logo
Fortinet white logo

CLI Reference

config gtp message-filter-v0v1

config gtp message-filter-v0v1

Note

This command is available for model(s): FortiGate 4200F, FortiGate 4201F, FortiGate 4400F, FortiGate 4401F.

It is not available for: FortiGate 1000D, FortiGate 100EF, FortiGate 100E, FortiGate 101E, FortiGate 1100E, FortiGate 1101E, FortiGate 1200D, FortiGate 140E-POE, FortiGate 140E, FortiGate 1500DT, FortiGate 1500D, FortiGate 1800F, FortiGate 1801F, FortiGate 2000E, FortiGate 200E, FortiGate 200F, FortiGate 201E, FortiGate 201F, FortiGate 2200E, FortiGate 2201E, FortiGate 2500E, FortiGate 2600F, FortiGate 2601F, FortiGate 3000D, FortiGate 300D, FortiGate 300E, FortiGate 301E, FortiGate 3100D, FortiGate 3200D, FortiGate 3300E, FortiGate 3301E, FortiGate 3400E, FortiGate 3401E, FortiGate 3600E, FortiGate 3601E, FortiGate 3700D, FortiGate 3800D, FortiGate 3810D, FortiGate 3815D, FortiGate 3960E, FortiGate 3980E, FortiGate 400D, FortiGate 400E Bypass, FortiGate 400E, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 5001D, FortiGate 5001E1, FortiGate 5001E, FortiGate 500D, FortiGate 500E, FortiGate 501E, FortiGate 600D, FortiGate 600E, FortiGate 601E, FortiGate 60E DSLJ, FortiGate 60E DSL, FortiGate 60E-POE, FortiGate 60E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F Bypass, FortiGate 80F-POE, FortiGate 80F, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 90E, FortiGate 91E, FortiGate VM64, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiWiFi 40F, FortiWiFi 60E DSLJ, FortiWiFi 60E DSL, FortiWiFi 60E, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 81F 2R 3G4G-POE, FortiWiFi 81F 2R-POE, FortiWiFi 81F 2R.

Message filter for GTPv0/v1 messages.

config gtp message-filter-v0v1
    Description: Message filter for GTPv0/v1 messages.
    edit <name>
        set create-mbms [allow|deny]
        set create-pdp [allow|deny]
        set data-record [allow|deny]
        set delete-aa-pdp [allow|deny]
        set delete-mbms [allow|deny]
        set delete-pdp [allow|deny]
        set echo [allow|deny]
        set end-marker [allow|deny]
        set error-indication [allow|deny]
        set failure-report [allow|deny]
        set fwd-relocation [allow|deny]
        set fwd-srns-context [allow|deny]
        set gtp-pdu [allow|deny]
        set identification [allow|deny]
        set mbms-de-registration [allow|deny]
        set mbms-notification [allow|deny]
        set mbms-registration [allow|deny]
        set mbms-session-start [allow|deny]
        set mbms-session-stop [allow|deny]
        set mbms-session-update [allow|deny]
        set ms-info-change-notif [allow|deny]
        set node-alive [allow|deny]
        set note-ms-present [allow|deny]
        set pdu-notification [allow|deny]
        set ran-info [allow|deny]
        set redirection [allow|deny]
        set relocation-cancel [allow|deny]
        set send-route [allow|deny]
        set sgsn-context [allow|deny]
        set support-extension [allow|deny]
        set unknown-message [allow|deny]
        set unknown-message-white-list <id1>, <id2>, ...
        set update-mbms [allow|deny]
        set update-pdp [allow|deny]
        set v0-create-aa-pdp--v1-init-pdp-ctx [allow|deny]
        set version-not-support [allow|deny]
    next
end

config gtp message-filter-v0v1

Parameter

Description

Type

Size

Default

create-mbms

GTPv1 create MBMS context (req 100, resp 101).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

create-pdp

Create PDP context (req 16, resp 17).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

data-record

Data record transfer (req 240, resp 241).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-aa-pdp

GTPv0 delete AA PDP context (req 24, resp 25).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-mbms

GTPv1 delete MBMS context (req 104, resp 105).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-pdp

Delete PDP context (req 20, resp 21).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

echo

Echo (req 1, resp 2).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

end-marker

GTPv1 End marker (254).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

error-indication

Error indication (26).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

failure-report

Failure report (req 34, resp 35).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

fwd-relocation

GTPv1 forward relocation (req 53, resp 54, complete 55, complete ack 59).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

fwd-srns-context

GTPv1 forward SRNS (context 58, context ack 60).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

gtp-pdu

PDU (255).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

identification

Identification (req 48, resp 49).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-de-registration

GTPv1 MBMS de-registration (req 114, resp 115).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-notification

GTPv1 MBMS notification (req 96, resp 97, reject req 98. reject resp 99).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-registration

GTPv1 MBMS registration (req 112, resp 113).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-start

GTPv1 MBMS session start (req 116, resp 117).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-stop

GTPv1 MBMS session stop (req 118, resp 119).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-update

GTPv1 MBMS session update (req 120, resp 121).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

ms-info-change-notif

GTPv1 MS info change notification (req 128, resp 129).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

name

Message filter name.

string

Maximum length: 63

node-alive

Node alive (req 4, resp 5).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

note-ms-present

Note MS GPRS present (req 36, resp 37).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

pdu-notification

PDU notification (req 27, resp 28, reject req 29, reject resp 30).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

ran-info

GTPv1 RAN information relay (70).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

redirection

Redirection (req 6, resp 7).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

relocation-cancel

GTPv1 relocation cancel (req 56, resp 57).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

send-route

Send routing information for GPRS (req 32, resp 33).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

sgsn-context

SGSN context (req 50, resp 51, ack 52).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

support-extension

GTPv1 supported extension headers notify (31).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

unknown-message

Allow or Deny unknown messages.

option

-

allow

Option

Description

allow

Allow setting.

deny

Deny setting.

unknown-message-white-list <id>

White list (to allow) of unknown messages.

Message IDs.

integer

Minimum value: 1 Maximum value: 255

update-mbms

GTPv1 update MBMS context (req 102, resp 103).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

update-pdp

Update PDP context (req 18, resp 19).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

v0-create-aa-pdp--v1-init-pdp-ctx

GTPv0 create AA PDP context (req 22, resp 23); Or GTPv1 initiate PDP context (req 22, resp 23).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

version-not-support

Version not supported (3).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

config gtp message-filter-v0v1

config gtp message-filter-v0v1

Note

This command is available for model(s): FortiGate 4200F, FortiGate 4201F, FortiGate 4400F, FortiGate 4401F.

It is not available for: FortiGate 1000D, FortiGate 100EF, FortiGate 100E, FortiGate 101E, FortiGate 1100E, FortiGate 1101E, FortiGate 1200D, FortiGate 140E-POE, FortiGate 140E, FortiGate 1500DT, FortiGate 1500D, FortiGate 1800F, FortiGate 1801F, FortiGate 2000E, FortiGate 200E, FortiGate 200F, FortiGate 201E, FortiGate 201F, FortiGate 2200E, FortiGate 2201E, FortiGate 2500E, FortiGate 2600F, FortiGate 2601F, FortiGate 3000D, FortiGate 300D, FortiGate 300E, FortiGate 301E, FortiGate 3100D, FortiGate 3200D, FortiGate 3300E, FortiGate 3301E, FortiGate 3400E, FortiGate 3401E, FortiGate 3600E, FortiGate 3601E, FortiGate 3700D, FortiGate 3800D, FortiGate 3810D, FortiGate 3815D, FortiGate 3960E, FortiGate 3980E, FortiGate 400D, FortiGate 400E Bypass, FortiGate 400E, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 5001D, FortiGate 5001E1, FortiGate 5001E, FortiGate 500D, FortiGate 500E, FortiGate 501E, FortiGate 600D, FortiGate 600E, FortiGate 601E, FortiGate 60E DSLJ, FortiGate 60E DSL, FortiGate 60E-POE, FortiGate 60E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F Bypass, FortiGate 80F-POE, FortiGate 80F, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 90E, FortiGate 91E, FortiGate VM64, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiWiFi 40F, FortiWiFi 60E DSLJ, FortiWiFi 60E DSL, FortiWiFi 60E, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 81F 2R 3G4G-POE, FortiWiFi 81F 2R-POE, FortiWiFi 81F 2R.

Message filter for GTPv0/v1 messages.

config gtp message-filter-v0v1
    Description: Message filter for GTPv0/v1 messages.
    edit <name>
        set create-mbms [allow|deny]
        set create-pdp [allow|deny]
        set data-record [allow|deny]
        set delete-aa-pdp [allow|deny]
        set delete-mbms [allow|deny]
        set delete-pdp [allow|deny]
        set echo [allow|deny]
        set end-marker [allow|deny]
        set error-indication [allow|deny]
        set failure-report [allow|deny]
        set fwd-relocation [allow|deny]
        set fwd-srns-context [allow|deny]
        set gtp-pdu [allow|deny]
        set identification [allow|deny]
        set mbms-de-registration [allow|deny]
        set mbms-notification [allow|deny]
        set mbms-registration [allow|deny]
        set mbms-session-start [allow|deny]
        set mbms-session-stop [allow|deny]
        set mbms-session-update [allow|deny]
        set ms-info-change-notif [allow|deny]
        set node-alive [allow|deny]
        set note-ms-present [allow|deny]
        set pdu-notification [allow|deny]
        set ran-info [allow|deny]
        set redirection [allow|deny]
        set relocation-cancel [allow|deny]
        set send-route [allow|deny]
        set sgsn-context [allow|deny]
        set support-extension [allow|deny]
        set unknown-message [allow|deny]
        set unknown-message-white-list <id1>, <id2>, ...
        set update-mbms [allow|deny]
        set update-pdp [allow|deny]
        set v0-create-aa-pdp--v1-init-pdp-ctx [allow|deny]
        set version-not-support [allow|deny]
    next
end

config gtp message-filter-v0v1

Parameter

Description

Type

Size

Default

create-mbms

GTPv1 create MBMS context (req 100, resp 101).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

create-pdp

Create PDP context (req 16, resp 17).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

data-record

Data record transfer (req 240, resp 241).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-aa-pdp

GTPv0 delete AA PDP context (req 24, resp 25).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-mbms

GTPv1 delete MBMS context (req 104, resp 105).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

delete-pdp

Delete PDP context (req 20, resp 21).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

echo

Echo (req 1, resp 2).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

end-marker

GTPv1 End marker (254).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

error-indication

Error indication (26).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

failure-report

Failure report (req 34, resp 35).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

fwd-relocation

GTPv1 forward relocation (req 53, resp 54, complete 55, complete ack 59).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

fwd-srns-context

GTPv1 forward SRNS (context 58, context ack 60).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

gtp-pdu

PDU (255).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

identification

Identification (req 48, resp 49).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-de-registration

GTPv1 MBMS de-registration (req 114, resp 115).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-notification

GTPv1 MBMS notification (req 96, resp 97, reject req 98. reject resp 99).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-registration

GTPv1 MBMS registration (req 112, resp 113).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-start

GTPv1 MBMS session start (req 116, resp 117).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-stop

GTPv1 MBMS session stop (req 118, resp 119).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

mbms-session-update

GTPv1 MBMS session update (req 120, resp 121).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

ms-info-change-notif

GTPv1 MS info change notification (req 128, resp 129).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

name

Message filter name.

string

Maximum length: 63

node-alive

Node alive (req 4, resp 5).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

note-ms-present

Note MS GPRS present (req 36, resp 37).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

pdu-notification

PDU notification (req 27, resp 28, reject req 29, reject resp 30).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

ran-info

GTPv1 RAN information relay (70).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

redirection

Redirection (req 6, resp 7).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

relocation-cancel

GTPv1 relocation cancel (req 56, resp 57).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

send-route

Send routing information for GPRS (req 32, resp 33).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

sgsn-context

SGSN context (req 50, resp 51, ack 52).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

support-extension

GTPv1 supported extension headers notify (31).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

unknown-message

Allow or Deny unknown messages.

option

-

allow

Option

Description

allow

Allow setting.

deny

Deny setting.

unknown-message-white-list <id>

White list (to allow) of unknown messages.

Message IDs.

integer

Minimum value: 1 Maximum value: 255

update-mbms

GTPv1 update MBMS context (req 102, resp 103).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

update-pdp

Update PDP context (req 18, resp 19).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

v0-create-aa-pdp--v1-init-pdp-ctx

GTPv0 create AA PDP context (req 22, resp 23); Or GTPv1 initiate PDP context (req 22, resp 23).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.

version-not-support

Version not supported (3).

option

-

allow

Option

Description

allow

Allow message.

deny

Deny message.