Fortinet: Firewall - Customize default service ports


This article describes the option that allows the default service port range to be customized from the CLI.

Before version 6.2.0, the default service port range was 1-65535, so when a client generated traffic with source port 0, that traffic was not allowed by FortiGate.

sh fu | grep default-service
set default-service-source-port 1-65535

The ‘default-service-source-port’ command makes it possible to set a new default service port range, which can start at 0 and end at 65535.

The minimum value can be as low as 0 and the maximum value as high as 65535.

config system global
set default-service-source-port <port range>
end

Where <port range> is the new default service port range.

Note:
This change applies to the TCP and UDP protocols.
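
To check which range a given configuration backup actually uses, the sketch below parses the `config system global` block and reports observed source ports that fall outside it. It is an added example, not code from the article or from Fortinet. It assumes the backup omits the setting when it is left at the default of 1-65535, and the sample backups and port list are constructed.

```python
import re

# Default range the article gives for FortiOS when the setting is not changed.
DEFAULT_RANGE = (1, 65535)

def global_source_port_range(config_text):
    """Return (low, high) set under 'config system global', else the default."""
    stack = []  # open 'config ...' and 'edit ...' blocks, outermost first
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line.startswith("edit "):
            stack.append("edit")
        elif line in ("end", "next"):
            if stack:
                stack.pop()
        elif stack == ["system global"]:
            m = re.fullmatch(r"set default-service-source-port (\d+)-(\d+)", line)
            if m:
                low, high = int(m.group(1)), int(m.group(2))
                if not 0 <= low <= high <= 65535:
                    raise ValueError(f"invalid port range: {line}")
                return low, high
    return DEFAULT_RANGE

def ports_outside_default_range(config_text, observed_source_ports):
    """Source ports seen on the network that the configured range excludes."""
    low, high = global_source_port_range(config_text)
    return sorted({p for p in observed_source_ports if not low <= p <= high})

# Constructed sample backups (not taken from a real device).
BEFORE = """config system global
    set hostname "fgt-lab"
end
config firewall service custom
    edit "app-x"
        set tcp-portrange 8443
    next
end
"""
AFTER = """config system global
    set hostname "fgt-lab"
    set default-service-source-port 0-65535
end
"""

if __name__ == "__main__":
    seen = [0, 53, 40000]  # constructed list of client source ports
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, global_source_port_range(cfg), ports_outside_default_range(cfg, seen))
```

Running it against a backup taken before and after the change shows whether the new range was applied under the global settings and not in some nested block.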