Description
This article describes how to configure a Windows PC as an External Server for a Threat Feed. The example follows a PC located on LAN, but can as well be hosted on a remote-PC, accessible from the Internet as a regular web server. The configuration steps are the same.
Scope
FortiGate.
Windows (specific versions) that support IIS*
Note:
Internet Information Services (IIS) is a component of the Windows operating system and follows the same lifecycle. Go here to see support timelines for Windows Server (EOS: Aug 2022), Windows 10 Enterprise and Education (EOS: Oct 2025), and Windows 10 Pro (EOS: Oct 2025). Windows 11 replaced IIS.
Solution
The procedures for setting up a Windows computer as an external server for a threat feed are as follows:
- On PC, navigate to start and search for Turn Windows features on or off.
-
Turn on Internet Information Services (IIS), the system needs to be restarted to apply the changes.
-
Navigate to this path: C:\inetpub\wwwroot (this is the default IIS path for the server, but can be changed).
-
Make a text document and include entries in the text file.
-
On the firewall Go to the Security Fabric -> External Connectors -> Create New -> External Feeds -> Select types of threat feeds that need to be created. In the following example, it will be created for the IP Address.
-
Set the URL to http://<PC-IP_Address>/<Text-file-name.txt>.
-
After connecting firewall will fetch the address list from the PC.
Via CLI:
To view the entries run the below command
diagnose sys external-address-resource list <name>
