FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

This article describes how to ban a quarantine source IP using the FortiView feature in FortiGate.



To block quarantine IP navigate to FortiView -> Sources.

Right-click on the source to ban and select Ban IP:

After selecting Ban IP, specify the duration of the ban:

To view the banned IP on the GUI, navigate to Monitor -> Quarantine Monitor:


In order to ban an IP from CLI, the following command can be used:


# diagnose user quarantine ?
list:      List user quarantine entries.
add:     Add user quarantine entry.
delete: Delete user quarantine entry.
clear :  Clear all user quarantine entries.
stat:    stat


Below is an example of syntax for banning an IP and a showcase of the possible options:

# diagnose user quarantine add ?
src4: IPv4 source ban.
src6: IPv6 source ban.


# diagnose user quarantine add src4 ?
<src-ipv4> Source IPv4 address.


# diagnose user quarantine add src4 ?
<expiry> Expiry in seconds.


# diagnose user quarantine add src4 60 ?
<ban-source> Ban source (admin/dlp/ips/av/dos).


# diagnose user quarantine add src4 60 admin ?
<Enter> --> no more options are available, press Enter to ban the IP

To view the quarantined IP using CLI:


# diagnose user quarantine list