JianWu
Staff
Article Id 395097
Description

This article describes a solution to bulk add a large number of address objects into FortiManager or FortiGate.

Scope

FortiManager, FortiGate, bulk object creation.

Solution

The issue and challenge:

When a large number of address objects must be created for use in a FortiGate firewall policy, creating them one by one in the FortiManager GUI is a stressful job. This article introduces an Excel tool that makes it easy.

 

The solution and the Excel tool:

To create an address object, an object name and its value are required. Sometimes the object name is not pre-defined and is optional; in that case, a naming convention should be used.

 

The table below shows, as an example, what this tool can offer. It can handle the following scenarios or combinations:

  1. Object name is well defined, such as hostnameA.
  2. Object names follow a certain naming convention.
     • Host starts with Host_ followed by an IP.
     • Subnet starts with Net_, followed by the subnet.
  3. Standard FQDN.
  4. Wildcard FQDN.
  5. Object name is blank. The value can be either a host, indicated by /32, or a subnet, indicated by a prefix length less than 32. In that case a naming convention is used; in the example below, Host_ and Net_ are used.

 

Screenshot-BulkAddingObjectScript.PNG

 

To use the Excel tool, copy and paste the value into columns A and B, and the script will be generated in column G.

The script can then be imported to FortiManager or FortiGate. It can handle up to 100 objects. If more object creation is required, either do it as batches of 100 or drag the line down to allow it to generate more. 
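
The same row-to-script mapping, as an added Python example (not the Excel tool's own formula and not Fortinet code). It assumes the standard `config firewall address` CLI syntax, joins the prefix length to `Net_` names with an underscore, and uses constructed sample rows; the allow-lists are an added check so that a pasted cell cannot carry quotes or newlines into the generated script.

```python
import ipaddress
import re

# Assumption: conservative allow-lists. A cell containing quotes or newlines
# would otherwise add extra CLI lines to the script that gets imported.
NAME_RE = re.compile(r"[A-Za-z0-9._-]{1,63}")
FQDN_RE = re.compile(r"(\*\.)?([A-Za-z0-9-]{1,63}\.)+[A-Za-z]{2,63}")

# Constructed sample rows (column A = name, column B = value).
SAMPLE_ROWS = [
    ("hostnameA", "10.1.1.5/32"),   # well-defined name
    ("", "10.1.1.6"),               # blank name, host -> Host_ convention
    ("", "10.2.0.0/24"),            # blank name, subnet -> Net_ convention
    ("web", "www.example.com"),     # standard FQDN
    ("wild", "*.example.com"),      # wildcard FQDN
]


def address_block(name, value):
    """Return the CLI lines for one address object (one spreadsheet row)."""
    name, value = name.strip(), value.strip()
    try:
        net = ipaddress.IPv4Network(value)  # bare IP parses as /32; host bits rejected
    except ValueError:
        net = None
    if net is not None:
        if not name:  # blank name: apply the Host_/Net_ naming convention
            if net.prefixlen == 32:
                name = f"Host_{net.network_address}"
            else:
                name = f"Net_{net.network_address}_{net.prefixlen}"
        body = [f"set subnet {net.network_address} {net.netmask}"]
    elif FQDN_RE.fullmatch(value):
        kind = "wildcard-fqdn" if value.startswith("*.") else "fqdn"
        body = [f"set type {kind}", f'set {kind} "{value}"']
    else:
        raise ValueError(f"not an IPv4 host/subnet or FQDN: {value!r}")
    if not NAME_RE.fullmatch(name):
        raise ValueError(f"missing or unsafe object name: {name!r}")
    return [f'    edit "{name}"'] + [f"        {x}" for x in body] + ["    next"]


def build_script(rows):
    """Wrap all rows in a single 'config firewall address' ... 'end' block."""
    lines = ["config firewall address"]
    for name, value in rows:
        lines += address_block(name, value)
    return "\n".join(lines + ["end"]) + "\n"


if __name__ == "__main__":
    print(build_script(SAMPLE_ROWS), end="")
```

Review the generated text before importing it; a row that fails validation raises `ValueError` instead of being written into the script.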

 

FortiManager import:

Go to Device Manager -> Script, create a new script, and run it against Policy Package or ADOM. If there are multiple policy packages within the ADOM, any one of them is fine, as address objects are shared among all policy packages within the ADOM.

 

Once the script is completed successfully, go to the Policy & Object -> Object Configurations -> Firewall Objects -> Address, and the objects from the script should be found here. 

 

To reference a newly created object on the Firewall policy page, refresh the objects at the bottom if the new object is not shown; logging out and logging in again serves the same purpose.

 

FortiGate import:

Log in to the FortiGate GUI, select the login user (usually admin) from the top right corner, choose Configuration/Scripts, and load the script from a file.

 

The Excel tool is available for download as an attachment.