Example: ICMPv6 service
The IT Manager is doing some diagnostics and would like to temporarily block the successful replies of ICMP Node information Responses between 2 IPv6 networks.
The ICMP type for ICMP Node informations responses is 140. The codes for a successful response is 0.
Web-based Manager Instructions
- Go to Policy & Objects > Objects > Services and select Create New > Service.
- Fill out the fields with the following information
| Name | diagnostic-test1 |
| Comments | <Input into this field is optional> |
| Service Type | Firewall |
| Show in Service List | Check in check box |
| Category | Uncategorized |
| Protocol Type | ICMP6 |
| Type | 140 |
| Code | 0 |
- Select OK.
- Enter the following CLI command:
config firewall service custom
edit diagnostic-test1
set protocol ICMP6
set icmptype 140
set icmpcode 0
set visibility enable
end
To verify that the category was added correctly:
- Go to Policy & Objects > Objects > Services. Check that the services have been added to the services list and that they are correct.
- Enter the following CLI command:
config firewall service custom
edit <the name of the service that you wish to verify>
show full-configuration
Copyright © 2018 Fortinet, Inc. All Rights Reserved. | Terms of Service | Privacy Policy
