Thursday, May 14, 2020

HOWTO close ports 2000 and 5060 on Fortigates

When doing port or  vulnerability scan you will find tcp port 2000 & 5060 open. These are for the VoIP-ALG

To close these ports you can use a local-in policy but a quicker means is to set the config

"set default-voip-alg-mode kernel-helper-based" in  system settings;

e.g

 config system settings

   SOCPUP (settings) # set default-voip-alg-mode kernel-helper-based 

end




Use a online scanner to validate https://www.whatismyip.com/port-scanner/








NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o

        /  \
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)