Carrier web-based manager settings

APN filtering options

An Access Point Name (APN) is an Information Element (IE) included in the header of a GTP packet. It provides information on how to reach a network.

An APN has the following format:



  • <network_id> is a network identifier or name that identifies the name of a network, for example,

or internet.

  • [.mnc<mnc_int>.mcc<mcc_int>.gprs] is the optional operator identifier that uniquely identifies the operator’s PLMN, for example mnc123.mcc456.gprs.


Combining these two examples results in a complete APN of internet.mnc123.mcc456.gprs.

By default, the unit permits all APNs. However, you can configure APN filtering to restrict roaming subscribers’ access to external networks.

APN filtering applies only to the GTP create pdp request messages. The unit inspects GTP packets for both APN and selected modes. If both parameters match and APN filter entry, the unit applies the filter to the traffic. Additionally, the unit can filter GTP packets based on the combination of an IMSI prefix and an APN.

You cannot add an APN when creating a new profile.

APN Filtering

Enable APN Filter                      Select to enable APN filtering.

Default APN Action                    Select the default action for APN filtering. If you select Allow, all sessions are allowed except those blocked by individual APN filters. If you select Deny, all sessions are blocked except those allowed by individual APN fil- ters.

Value                                            The APN to be filtered.

Mode                                            The type of mode chosen that indicates where the APN originated and whether the Home Location Register (HLR) has verified the user sub- scription:

Action                                          The type of action that will be taken.

Edit                                              Modifies the settings within the filter. When you select Edit, the Edit win- dow appears, which allows you to modify the settings of the APN.

Delete                                          Removes the APN from the list within the table, in the APN Filtering sec- tion.

Add APN                                      Adds a new APN filter to the list. When you select Add APN, the New win- dow appears, which allows you to configure the APN settings.

New APN page

Value                                            Enter an APN to be filtered. You can include wild cards to match multiple APNs. For example, the value internet* would match all APNs that being with internet.


Select one or more of the available modes to indicate where the APN ori- ginated and whether the Home Location Register (HLR) has verified the user subscription.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos

Cybersecurity Videos and Training Available Via: Office of The CISO Security Training Videos