Created on
03-05-2023
05:44 PM
Edited on
03-06-2023
01:32 AM
By
Jean-Philippe_P
Description | This article offers solutions for scenarios where the user attempts to add new entries in the external threat web server, but it displays as invalid in the firewall. |
Scope | Any supported version of FortiGate, FortiOS. |
Solution |
A normal Firewall policy can be created to block a small number of IP addresses. If a large database of IPs to block is necessary, it is recommended to instead create a web-server and provide the list of IPs in a plain .txt format on that server, as well as to configure that web-server in the external connector.
In some cases, incorrect formatting causes the entries to show as invalid in the FortiGate.
See the 'External file format' section in the 'Threat Feeds' section of the FortiGate cookbook for a comprehensive list of requirements the threat feed text file has to meet. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.