Essentially, it is necessary to have a list of either IP addresses or subnets.

For this example, the following will be used:

95.10.48.0/24
96.120.36.0/24
97.239.248.0/24
97.239.255.0/24
98.150.140.0/24
99.238.140.0/24
100.233.116.0/24
101.242.192.0/24
102.46.176.0/24

Before doing this, make sure that there are no duplicate entries  use Excel to remove them):

• The red color means it's a duplicate value.
• Edit this so it is in the proper format to simply script via FortiGate GUI or paste it into the CLI.
• To do this, use Notepad++ or any text editor capable of doing text searches using regular expressions.
• With the IP address listed in a new file in Notepad++, bring up the 'Replace' window (Ctrl+H)
• For Search Mode, select the Regular Expression option:

In the Find What: field, enter the following:

 “(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(/\d{2})” < no quotes >

The problem with the above is that the regular expression only works on the IP address. If there is a list of FQDNs, that regular expression will not work. To address this, kindly use the expression to work with both the IP address and FQDNs.

 “(.*)\.([\w_-]+(?:\.[\w_-]+)+)([\w.,@?^=%&:/~+#-]*)?” < no quotes >

In the Replace with: field enter:

 "edit NameIP-$1.$2.$3.$4\nset subnet $1.$2.$3.$4$5\nnext\n" < no quotes >   

- Select 'Find Next' to ensure it finds a subnet then select 'Replace' to verify it makes the change wanted.

Note.

Select all the contents of the text file before selecting 'Replace All'. (Ctrl+a).

• Select 'Replace All':

edit NameIP-95.10.48.0
    set subnet 95.10.48.0/24
next

edit NameIP-96.120.36.0
    set subnet 96.120.36.0/24
next

edit NameIP-97.239.248.0
    set subnet 97.239.248.0/24
next

edit NameIP-98.239.255.0
    set subnet 98.239.255.0/24
next

edit NameIP-99.150.140.0
    set subnet 99.150.140.0/24
next

edit NameIP-100.238.140.0
    set subnet 100.238.140.0/24
next

edit NameIP-101.233.116.0
    set subnet 101.233.116.0/24
next

edit NameIP-102.242.192.0
    set subnet 102.242.192.0/24
next

• At the top of this add the: 'config firewall address'.
• At the bottom add the: 'end'.

Note:

If the device is operating in VDOM mode, it will be necessary to enter that specific VDOM by adding the following commands to the top of the textfile:

config vdom
    edit <name_vdom>

To add these addresses to the FortiGate:

Method 1: Copy the contents of the text file and directly paste it into CLI on FortiGate.

Method 2: Upload via CLI script.

To run a script using the GUI:

• Select the username and select Configuration -> Scripts.
• Select 'Run Script'.
• Select the text file containing the script on the management computer, then select 'OK'.

The script runs immediately, and the Script Execution History table is updated:

Configuration scripts