GTP Overview

GTP uses GTPv1-C, GTPv2-C and GTP-U on different types of interfaces.
GTP comprises control plane (GTP-C), user plane (GTP-U), and charging (GTP' derived from GTP-C) traffic transferred on UDP/IP. View the PAN-OS releases by model that support GTP and the 3GPP Technical Standards that GTPv1-C, GTPv2-C, and GTP-U support.
Enabling GTP security on Palo Alto Networks firewalls allows you to protect the mobile core network infrastructure from malformed GTP packets, denial of service attacks, and out-of-state GTP messages, and also allows you to protect mobile subscribers from spoofed IP packets and overbilling attacks.
GTPv1-C is defined in 3GPP TS 29.060. It is used on a Gn interface, that is, the interface between GPRS support nodes (GSNs) within a public land mobile network (PLMN), and also across a Gp interface between GSNs in different PLMNs. It is also used for roaming and inter access mobility between Gn/Gp SGSNs and mobility management entities (MMEs). GTPv1-C carries various types of control plane signaling messages. The registered port number for GTPv1-C is 2123.
GTPv2-C is defined in 3GPP TS 29.274. It is used on various EPC (Evolved Packet Core) signaling interfaces, such as S3, S5, S8, and S11. GTPv2-C carries various types of control plane signaling messages. The registered port number for GTPv2-C is 2123.
GTP-U is defined in 3GPP TS 29.281. It encapsulates and routes user plane traffic across multiple signaling interfaces such as S1, S3, S5, and S8. GTP-U messages are either user plane or signaling messages. The registered port number for GTP-U is 2152.

Related Documentation