Troubleshooting Tip : error system extern...

FortiManager

FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.

Article Id 368211

Description

This article describes a workaround to resolve the issue where it shows the error 'error system external-resource; 'The resource is invalid' ' when trying to push a policy which has external threat feed added as source or destination.

Scope

FortiManager, FortiGate.

Solution

Create an IP Address Threat Feed on Fabric View -> External Connectors -> Create New -> IP Address Threat Feed.

The URL of the external resource which consists of the IP lists is added.

Screenshot 2025-01-03 121019.png

This threat feed has been added as a destination in the firewall policy.

Screenshot 2025-01-03 121019.png

When pushing the configuration to the FortiGate, it threw the following error where the marked area is the URL.

Screenshot 2025-01-03 121019.png

Resolution:

The DNS resolution is not there as this was an internal website.
Use the internal IP address in the IP thread feed URL.

Screenshot 2025-01-03 121019.png

202

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Troubleshooting Tip : error system external-resource; "The resource is invalid" error in install log for external threat feed config.

Description

Scope

Solution

You are leaving our website