Carrier web-based manager settings

GTP Profile

You can configure multiple GTP profiles within the GTP menu. GTP profiles concern GTP activity flowing through the unit. These GTP profiles are then applied to a security policy.

 

GTP profile configuration settings

The following are GTP profile configuration settings in Security Profiles > GTP Profile.

 

GTP Profile

Lists each GTP profile that you have created. On this page, you can edit, delete or create a new GTP profile.

Create New                                 Creates a new GTP profile. When you select Create New, you are auto- matically redirected to the New page.

Edit                                             Modifies settings within a GTP profile in the list. When you select Edit, you are automatically redirected to Edit page.

Removes a GTP profile from the list.

Delete

To remove multiple GTP profiles from within the list, on the GTP Profile page, in each of the rows of the profiles you want removed, select the check box and then select Delete.

To remove all GTP profiles from within the list, on the GTP Profile page, select the check box in the check box column and then select Delete.

Name                                           The name of the GTP profile.

Displays the number of times the object is referenced to other objects. For example, av_1 profile is applied to a security policy; on the Profile page (Security Profiles > Antivirus > Profiles), 1 appears in Ref. .

To view the location of the referenced object, select the number in Ref., and the Object Usage window appears displaying the various locations of the referenced object.

Ref.

To view more information about how the object is being used, use one of the following icons that is avialable within the Object Usage window:

  • View the list page for these objects – automatically redirects you to the list page where the object is referenced at.
  • Edit this object – modifies settings within that particular setting that the object is referenced with. For example, av_1 profile is referenced with a security policy and so, when this icon is selected, the user is redirected to the Edit Policy page.
  • View the details for this object – table, similar to the log viewer table, contains information about what settings are configured within that par- ticular setting that the object is referenced with. For example, av_1 profile is referenced with a security policy, and that security policy’s settings appear within the table.

New GTP Profile

Provides settings for configuring a GTP profile.

Name                                           Enter a name for the GTP profile.

General Settings                       Configure general options for the GTP profile..

Message Type Filtering           Configure filtering for messages.

APN Filtering                             Configure filtering options for APN.

IMSI Filtering                             Configure filtering options for IMSI.

Advanced Filtering                   Configure advanced filtering options.

IE removal policy                      Configure IE removal policy options.

Encapsulated IP Traffic Fil- tering

Encapsulated Non-IP End

User Address Filtering Configure filtering options for encapsulated IP traffic.

Configure filtering options for encapsulated non-IP end user addresses.

Protocol Anomaly                     Configure protocol anomaly options.

AntiOverbilling                        Configure anti-overbilling options.

Log                                             Configure log options.

General settings options

The following are mostly house keeping options that appear in the General Settings area of the GTP configuration page.

General Settings section of the New GTP Profile

Sequence Number Val- idation Enable to check that packets are not duplicated or out of order. GTP pack- ets contain a Sequence Number field.

This number tells the receiving GGSN the order of the packets it is receiv- ing. Normally the GGSN compares this sequence number in the packets with its own sequence counter — if the two do not match, the packet is dropped. This sequence number validation can be off-loaded to the FortiOS Carrier freeing up resources on the GGSN.

This entry was posted in FortiOS 5.4 Handbook on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.