Technical Tip: The FortiGuard IP address range

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 317815

Description

This article describes the FortiGuard IP address range.

Scope

FortiGate.

Solution

FortiGuard IP address range can be found in the FortiGate Internet Service Database.

Edit 'Fortinet-FortiGuard' -> View/Edit Entries, and it will be possible to view the IP address/Port/Protocol that is used to communicate with the FortiGuard server.

view fortiguard.png

The same information can also be found in CLI with the following command:

FG # diagnose internet-service id <ID-number>

Example:

Determine the ID number of the Internet service.

FG # diagnose internet-service id | grep Fortinet-FortiGuard
ID: 1245324 name: "Fortinet-FortiGuard"
ID: 1245454 name: "Fortinet-FortiGuard.Secure.DNS"
ID: 1245514 name: "Fortinet-FortiGuard.SOCaaS"

To check the IP entries for the Internet Service 'Fortinet-FortiGuard' (ID 1245324).

FG # diagnose internet-service id 1245324
Internet Service: 1245324(Fortinet-FortiGuard)
Version: 00007.04063
Timestamp: 202502191125
Number of Entries: 330
12.34.97.0-12.34.97.255 country(840) region(2039) city(1106) blocklist(0x0) reputation(5), popularity(5) domain(0) botnet(0) proto(6) port(25 53 80 443 465 514 541-542 853 2195-2196 5223 8000 8686 8888 8890 9582)
12.34.97.0-12.34.97.255 country(840) region(2039) city(1106) blocklist(0x0) reputation(5), popularity(5) domain(0) botnet(0) proto(17) port(53 5246 8888)

8109

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: The FortiGuard IP address range

You are leaving our website