Description | This article explains the configuration for the automation script to BAN the brute force attacker's IP. |
Scope | FortiGate, SSL VPN. |
Solution |
The below image represents the elements required for this configuration:
Example for the above:
Configure the Action element in the stitch as per below and the ACTION here will be a CLI Script:
The command to place the attacker IP in Banned list would be as per below,
diagnose user banned-ip add src4 %%remip%% 0 admin
To verify the Banned IP list:
diag user banned-ip list
Related article: Technical Tip: Retain permanent IP bans and quarantines after rebooting FortiGate |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.