FortiGate Custom Firewall Service - Source Port Range Question
Posted on 2014-01-09
We have a FortiGate 100D - v4.0, build0665, 130514 (MR3 Patch 14). I need to create a new service. When I look at the programming of one of the other custom services (port 83) as an example, I notice the source port has a range of 83 to 65535 and the destination port is set to only 83. Here is the CLI programming…
config firewall service custom
set protocol TCP/UDP/SCTP
set tcp-portrange 83:83-65535
I’m not sure why the range is set. Should it only be port 83 or should I set the range? I’m looking for the best practice and the pitfalls of using and/or not using the range.
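
Added example, not part of the original post and not Fortinet code: a small Python sketch that reads a tcp-portrange value in the destination[:source] form quoted above and checks constructed (source port, destination port) pairs against it, comparing the posted range with a bare 83. The function names and sample flows are hypothetical, and treating a missing source part as 1-65535 is an assumption.

```python
# Added example: interprets a port range written as
# dst_low[-dst_high][:src_low[-src_high]] and tests flows against it.

def _span(text):
    """Parse 'N' or 'N-M' into an inclusive (low, high) tuple."""
    low, _, high = text.partition("-")
    low = int(low)
    high = int(high) if high else low
    if not (0 <= low <= high <= 65535):
        raise ValueError(f"bad port span: {text!r}")
    return low, high

def parse_portrange(value):
    """Return a list of (dst_span, src_span), one per space-separated entry."""
    entries = []
    for item in value.split():
        dst, sep, src = item.partition(":")
        # Assumption: with no source part, any source port 1-65535 is accepted.
        entries.append((_span(dst), _span(src) if sep else (1, 65535)))
    return entries

def matches(value, src_port, dst_port):
    """True if a flow with these ports falls inside any entry of the range."""
    return any(d[0] <= dst_port <= d[1] and s[0] <= src_port <= s[1]
               for d, s in parse_portrange(value))

# Constructed sample flows as (src_port, dst_port); not taken from the post.
SAMPLE_FLOWS = [(49152, 83), (1024, 83), (82, 83), (49152, 8083)]

def evaluate(value, flows=SAMPLE_FLOWS):
    """Map each sample flow to whether the service definition matches it."""
    return {flow: matches(value, *flow) for flow in flows}

if __name__ == "__main__":
    for value in ("83:83-65535", "83"):
        print(value, evaluate(value))
```

The only sample flow on which the two definitions differ is the one with source port 82, which is below the posted source range.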