Defining firewall protocols on a FortiClient agent

Define protocols so that you can create firewall policies to allow or deny use of these protocols. You define a protocol in terms of the UDP or TCP ports that it uses. See “To define a firewall protocol:”.

To make it easier to add policies, create groups of protocols and then add one policy to allow or block access for all the protocols in the group. A protocol group cannot be added to another protocol group. See “Configuring firewall protocol groups on a FortiClient agent”.


Create New	Select to create a firewall protocol.
Override	The FortiClient agent’s configuration includes those inherited from the group to which the computer belongs. Selecting override allows you to modify the inherited firewall service configuration on this FortiClient agent. Deselecting override means that you want to use the firewall service configuration inherited from the group to which the computer belongs. Even with inherited firewall service configurations, you can still create new firewall services for a FortiClient agent. See “Adding a FortiClient agent group” and “Configuring settings for client groups”.
Name	The name of the firewall protocol.
Type	The type of protocol: TCP, UDP, TCP/UDP or ICMP
Source Port	Source port for the protocol.
Destination Port	Destination port for the protocol.
Action	Select the Delete icon to remove a firewall protocol, and Edit icon to modify a firewall protocol.


Name	Enter a name to identify the protocol.
Protocol	Select the protocol type: TCP, UDP, TCP/UDP or ICMP.
Source Port	Specify the source port number for the protocol. (Not for ICMP.)
Destination Port	Specify the destination port for the protocol. (Not for ICMP.)
Comments	Enter any comments on the firewall protocol.