Hot!PORT 7450 and 20080 is closed

Author
Fuss93
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/03/26 01:20:30
  • Status: offline
2021/03/26 01:31:36 (permalink)
0

PORT 7450 and 20080 is closed

Good morning all,
I'm having trouble opening port 7450 and another port,
There are some that open that work fine but for ports 7450 and 20080 it refuses to open them even though I did the same for the ports that are open. I don't understand why it doesn't work.
What I did was a virtual IP address with my public IP address on my targeted local IP address and opened port 7450 and created a rule for that as well.
But when I go on tools to check port 7450 it is close
Thank you for your answers.
#1

11 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2524
    • Scores: 241
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: online
    Re: PORT 7450 and 20080 is closed 2021/03/26 10:52:52 (permalink)
    0
    Does the destination IP live on the FGT? If not, it might be closed on the server/destination side.
    #2
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/03/26 12:40:31 (permalink)
    0
    Hi, I'm sorry but what is FGT because the acronym in English is hard because I'm French I'm sorryv
    #3
    Toshi Esumi
    Expert Member
    • Total Posts : 2524
    • Scores: 241
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: online
    Re: PORT 7450 and 20080 is closed 2021/03/26 12:49:14 (permalink)
    0
    I meant FortiGate. Some just use FG.
    #4
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/03/28 23:38:07 (permalink)
    0
    Yes I use FG but 7450 and 20080 are not open
    #5
    Toshi Esumi
    Expert Member
    • Total Posts : 2524
    • Scores: 241
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: online
    Re: PORT 7450 and 20080 is closed 2021/03/29 07:55:12 (permalink)
    0
    Then again, is it out-to-in or in-to-out? And the destination IP is outside of the FGT?
    #6
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/03/29 23:12:28 (permalink)
    0
    it is incoming and outgoing call and the outgoing call points to an IP address outside the FTG
    #7
    Toshi Esumi
    Expert Member
    • Total Posts : 2524
    • Scores: 241
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: online
    Re: PORT 7450 and 20080 is closed 2021/03/30 08:10:35 (permalink)
    0
    So this is for your phone system connected to a service provider on the Internet.
    Did you configured a VIP for out-to-in traffic so the provider reaches the outside/public IP at the FGT then mapped to the server's local/private IP? I'm assuming you scanned the public IP from the Internet and found those ports closed, right? Then please share the vip config via CLI after masking public IP(s).
    #8
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/03/30 23:16:26 (permalink)
    0
    Hello,
    Thanks for your reply and here is the screenshot and yes I have used the online tools which help me see if my port is closed :)
    post edited by Fuss93 - 2021/03/30 23:18:26

    Attached Image(s)

    #9
    Toshi Esumi
    Expert Member
    • Total Posts : 2524
    • Scores: 241
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: online
    Re: PORT 7450 and 20080 is closed 2021/03/31 08:16:00 (permalink)
    0
    Then, as long as the policy that has this vip applied is allowing TCP 7450 and 20080 toward the interface the phone system is connected, and as long as the system is listening to the ports, those ports should show up as open when you scan the wan2's IP.
    I would look at the phone system side. But to prove the FGT is passing the scan packets for those ports, you can sniff the inside port with 'host 192.168.0.178' while scan is happening. You should see them passing through.
    If you can't see them, now you have to run "flow debug" to see why the FGT is dropping. You can find "how to" by simply putting "fortigate flow debug" in an internet search. You need to set filter with those ports.
    If you're not comfortable doing it or don't have time, just open a ticket and get help from TAC.
    #10
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/04/01 02:18:33 (permalink)
    0
    Hello,
     
    Thx for your reply but i try the fortigate flow debug I'm trying but it didn't work
    #11
    Fuss93
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/26 01:20:30
    • Status: offline
    Re: PORT 7450 and 20080 is closed 2021/04/05 23:33:53 (permalink)
    0
    Hello,
     
    I'm still stuck, can you help me please
    #12
    Jump to:
    © 2021 APG vNext Commercial Version 5.5