Troubleshooting This section offers troubleshooting options for Carrier-related issues. This section includes: FortiOS Carrier diagnose commands Applying IPS signatures to IP packets within GTP-U tunnels GTP packets are not moving along your network FortiOS Carrier diagnose commands This section includes diagnose commands specific to FortiOS Carrier features such as GTP. GTP related diagnose commands This […]
FortiCarrier
FortiCarrier SCTP Concepts
SCTP Concepts As of FortiOS version 5.0, the FortiGate natively handles SCTP (Stream Control Transport Protocol) traffic, as an alternative to TCP and UDP for use in Carrier networks. The FortiGate handles SCTP as if it would any other traffic. Overview SCTP is a connection-oriented transport protocol that overcomes some of the limitations of both […]
FortiCarrier GTP identity filtering
GTP identity filtering FortiOS Carrier supports a number of filtering methods based on subscriber identity such as APN filtering, IMSI filtering, and advanced filtering. This section includes: IMSI on carrier networks The International Mobile Subscriber Identity (IMSI) number is central to identifying users on a carrier network. It is a unique number that is assigned […]
FortiCarrier GTP message type filtering
GTP message type filtering FortiOS Carrier supports message filtering in GTP by the type of message. This section includes: Common message types on carrier networks Carrier networks include many types of messages — some concern the network itself, others are content moving across the network, and still others deal with handshaking, billing, or other administration […]
Configuring Anti-overbilling in FortiOS Carrier
Configuring Anti-overbilling in FortiOS Carrier GPRS over billing attacks can be prevented with a properly configured Carrier-enabled FortiGate unit. Over billing can occur when a subscriber returns his IP address to the IP pool. Before the billing server closes it, the subscriber’s session is still open and vulnerable. If an attacker takes control of the […]
FortiCarrier Configuring Encapsulated Non-IP End User Address Filtering
Configuring Encapsulated Non-IP End User Address Filtering Much of the traffic on the GPRS network is in the form of IP traffic. However some parts of the network do not used IP based addressing, so the Carrier-enabled FortiGate unit is unable to perform Encapsulated IP Traffic Filtering. Depending on the installed environment, it may be […]
Configuring GTP on FortiOS Carrier
Configuring GTP on FortiOS Carrier Configuring GTP support on FortiOS Carrier involves configuring a number of areas of features. GTP support on the Carrier-enabled FortiGate unit The FortiCarrier unit needs to have access to all traffic entering and exiting the carrier network for scanning, filtering, and logging purposes. This promotes one of two configurations — […]
FortiCarrier Anti-Overbilling options
Anti-Overbilling options You can configure the FortiOS Carrier firewall to prevent over billing subscribers for traffic over the. To enable anti-overbilling, you must configure both the Gn/Gp firewall and the Gi firewall. Expand Anti-Overbilling in the GTP profile to reveal these settings. Anti-Overbilling Gi Firewall IP Address The IP address of the unit’s interface configured […]