Umesh
Explorer II
April 8, 2022
Question

how to block 5000 public IP


Hi All, 

We have to block around 5000 public IPs on a FortiGate 1200D firewall; actually, I got a security advisory for this from our organization.

I would just like to know from you all if there is any flexible solution for it, as you know that this is a very lengthy task for me, since we have to block the IPs one by one.

Let me give an example:

Source IP would be 193.X.X.X

Destination - 11.X.X.X

Service - any, and port no. 449 also blocked.

Thank you in advance.

3 replies

sw2090
SuperUser
April 8, 2022

You would have to generate the CLI script from e.g. a list of IPs and then run that on the CLI or import it via the GUI. I don't know any other way.

Umesh
Explorer II
April 8, 2022

Well,

Could you please describe how to do it and what the method is, and also please write here the steps on how to do it on the FortiGate 1200D.

Thank you for replying on it.

Sachin_Alex_Cherian_
Staff
April 8, 2022

Hi,

If the IP list can be maintained on a server, FG can be configured to pull the IP list from the server by adding an external threat feed. If this option interests you, you can have a look at the link below:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-External-threat-list-threat-feed-blocked-via-the/ta-p/192354

ede_pfau
SuperUser
April 9, 2022

Some time ago I developed a Python script to create a FortiOS blacklist from a simple list of IPs. You can find it here
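
An added example, not part of the thread and not the script mentioned in the post above: one way to turn a raw IP list into both options discussed in the replies, a FortiOS CLI script (address objects plus address groups) and a plain-text file for an external threat feed. The object and group names, the `chunk` size, the protected-range list, the one-entry-per-line feed format and the sample addresses are all assumptions.

```python
import ipaddress

# Ranges that must never land on a block list (assumption: RFC 1918 + loopback).
PROTECTED = [ipaddress.ip_network(p) for p in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_ips(lines):
    """Validate, de-duplicate and collapse a raw IPv4/CIDR list."""
    nets, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append(entry)             # not an address at all
            continue
        if net.version != 4 or any(net.overlaps(p) for p in PROTECTED):
            rejected.append(entry)             # review these by hand
            continue
        nets.append(net)
    return list(ipaddress.collapse_addresses(nets)), rejected

def fortios_script(nets, group="blk_grp", chunk=300):
    """Emit address objects plus address groups of at most `chunk` members."""
    out, names = ["config firewall address"], []
    for n in nets:
        names.append(f"blk_{n.network_address}_{n.prefixlen}")
        out += [f'    edit "{names[-1]}"',
                f"        set subnet {n.network_address} {n.netmask}", "    next"]
    out += ["end", "config firewall addrgrp"]
    for i in range(0, len(names), chunk):
        members = " ".join(f'"{m}"' for m in names[i:i + chunk])
        out += [f'    edit "{group}_{i // chunk + 1}"',
                f"        set member {members}", "    next"]
    return "\n".join(out + ["end"]) + "\n"

def feed_text(nets):
    """One address or CIDR per line, for a file served to an external feed."""
    return "".join((str(n.network_address) if n.prefixlen == 32 else str(n)) + "\n" for n in nets)

# Constructed sample input: documentation ranges plus two entries that get rejected.
SAMPLE = ["198.51.100.7", "198.51.100.7", "203.0.113.0/25",
          "203.0.113.128/25", "10.1.2.3", "not-an-ip"]

if __name__ == "__main__":
    nets, bad = parse_ips(SAMPLE)
    print(fortios_script(nets), feed_text(nets), "rejected:", bad, sep="\n")
```

Either output still has to be referenced as the source in a deny policy, and `chunk` should be set below the address-group member limit of the model in use.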