Technical Tip: Configuring FQDN-based External threat feed as destination in explicit proxy policy on FortiGate

An external threat feed is a list of IP addresses, domain names (FQDNs), or URLs obtained from an external source. It can be imported into the firewall and used in security policies to manage large static URL lists and block specific threats, such as compromised sites.

To configure an external threat feed, see Configuring an external feed - FortiGate administration guide.

To configure a FQDN-based external threat feed as a destination in an explicit proxy policy on FortiGate, follow these steps:

1. Go to Policy and Objects -> Address. 
2. Create a new proxy address.
3. Select URL Category as the type and ALL as the host.
4. Select the name of the external threat feed as the URL category.
   
   

Setting up the Policy.

1. Go to Proxy Policy and create a new proxy policy or edit existing policy.
2. In the destination field, select the proxy address created above.

By following these steps, it is possible to configure a FQDN-based external threat feed as a destination in an explicit proxy policy on FortiGate.

Related article:

Technical Tip: External threat list (threat feed) is not working (connector is showing down)

How to setup Explicit web proxy - FortiGate administration guide