FortiGate
asengar
Staff
Article Id 248084
Description This article offers solutions for scenarios where the user adds new entries to the external threat feed file on the web server, but the entries display as invalid on the firewall.
Scope Any supported version of FortiGate, FortiOS.
Solution

A normal firewall policy can be created to block a small number of IP addresses. If a large database of IPs must be blocked, it is recommended to instead set up a web server, publish the list of IPs on it as a plain .txt file, and configure that web server in the external connector.

 

In some cases, incorrect formatting causes the entries to show as invalid on the FortiGate.


Error when the entry is exceeded (screenshot).

See the 'External file format' section in the 'Threat Feeds' section of the FortiGate cookbook for a comprehensive list of requirements the threat feed text file has to meet.
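
A feed file can be checked for malformed lines before it is published to the web server. The script below is an added example, not Fortinet code: it assumes one entry per line, each a single IPv4/IPv6 address, a CIDR subnet, or a start-end range, and takes the entry limit as a parameter because this article does not state one. The names `check_entry` and `lint_feed` and the sample feed are hypothetical; confirm the rules against the 'External file format' section for the FortiOS version in use.

```python
import ipaddress

# Constructed sample feed (documentation address ranges), not from the article.
SAMPLE_FEED = """192.0.2.10
198.51.100.0/24
203.0.113.5-203.0.113.20
2001:db8::1
 192.0.2.11
192.0.2.256
203.0.113.20-203.0.113.5
blocked.example
192.0.2.12, 192.0.2.13
"""

def check_entry(entry):
    """Return None when the entry parses, otherwise a short reason."""
    if entry != entry.strip():
        return "leading or trailing whitespace"
    try:
        if "-" in entry:                      # address range: start-end
            start, end = (ipaddress.ip_address(p) for p in entry.split("-", 1))
            if start.version != end.version:
                return "range mixes IPv4 and IPv6"
            if start > end:
                return "range start is above range end"
        elif "/" in entry:                    # CIDR subnet
            ipaddress.ip_network(entry, strict=False)
        else:                                 # single address
            ipaddress.ip_address(entry)
    except ValueError:
        return "not an IP address, subnet or range"
    return None

def lint_feed(text, max_entries):
    """Return (valid_count, problems); problems is [(line_no, entry, reason)]."""
    problems, valid = [], 0
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            continue                          # blank lines skipped (assumption)
        reason = check_entry(raw)
        if reason is None:
            valid += 1
            if valid > max_entries:
                reason = "exceeds entry limit"
        if reason:
            problems.append((line_no, raw, reason))
    return valid, problems

if __name__ == "__main__":
    # max_entries is a placeholder; use the limit documented for your model.
    valid, problems = lint_feed(SAMPLE_FEED, max_entries=1000)
    print(f"{valid} valid entries, {len(problems)} problems")
    for line_no, raw, reason in problems:
        print(f"line {line_no}: {raw!r}: {reason}")
```

Running it in the publishing step and refusing to upload when `problems` is non-empty keeps malformed lines from reaching the firewall.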