<div>
<div class="content wysiwyg-content">
We have a fortigate 100D - v4.0, build0665, 130514 (MR3 Patch 14). I need to create a new service. When I look at the programming of one of the other custom services (port 83) as an example, I notice the source port has a range of 83 to 65535 and the destination port is set to only 83. Here is the CLI programming…<br />
<br />
config firewall service custom<br />
&nbsp; &nbsp; edit &quot;83&quot;<br />
&nbsp; &nbsp; &nbsp; &nbsp; set protocol TCP/UDP/SCTP<br />
&nbsp; &nbsp; &nbsp; &nbsp; set tcp-portrange 83:83-65535<br />
&nbsp; &nbsp; next<br />
end<br />
<br />
I’m not sure why the range is set. Should it only be port 83 or should I set the range? I’m looking for the best practice and the pitfalls of using and/or not using the range.
</div>
</div>


We have a fortigate 100D - v4.0, build0665, 130514 (MR3 Patch 14). I need to create a new service. When I look at the programming of one of the other custom services (port 83) as an example, I notice the source port has a range of 83 to 65535 and the destination port is set to only 83. Here is the CLI programming…

config firewall service custom
    edit "83"
        set protocol TCP/UDP/SCTP
        set tcp-portrange 83:83-65535
    next
end

I’m not sure why the range is set. Should it only be port 83 or should I set the range? I’m looking for the best practice and the pitfalls of using and/or not using the range.

Forigate Custom Firewall Service - Source Port Range Question

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Network Architecture

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.