Technical Tip: Automation stitch to add an address object group based on a predetermined schedule and append it to SSL VPN block automation stitch
| Description | This article describes how to make an Automation stitch that will create an address object group based on a schedule and update into SSL VPN block automation stitch. |
| Scope | FortiGate, SSL VPN |
| Solution | Based on the article Technical Tip: How to permanently block SSL VPN failed logins using an Automation Stitch, the following solution features a stitch to add groups on a weekly basis.
CLI configuration:
config system automation-trigger edit "weekly" set trigger-type scheduled set trigger-frequency weekly set trigger-weekday friday set trigger-hour 23 next end
CLI configuration:
config system automation-action edit "update_addrgrp" set action-type cli-script set script "config firewall addrgrp edit VPN_Failed_Login_%%date%% end edit 3 append srcaddr VPN_Failed_Login_%%date%% end" set accprofile "super_admin" next end
CLI configuration:
config system automation-action edit "BAN-SSLVPN-IP" set action-type cli-script set script "config firewall address edit SSLVPN-Block-%%log.remip%% set color 6 set subnet %%log.remip%%/32 end config firewall addrgrp edit VPN_Failed_Login_%%date%% append member SSLVPN-Block-%%log.remip%% end" set accprofile "super_admin" next end
CLI configuration:
config system automation-stitch edit "update addrgrp" set trigger "weekly" config actions edit 1 set action "update_addrgrp" set required enable next end next end
CLI references for the steps above are already mentioned in the original article. Refer to that article for the CLI and VDOM references for the above steps. |
