Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dubos
New Contributor III

Add many addresses to Fortigate

Can I add addresses on FortiGate-600D-LENC with firmware version 5.4.1 to apply policies to them not individually, but by downloading a text file or a one-time list of addresses? I've seen this on newer versions in tutorial videos, but I can't find such features on my device

P.S.: We have already come up with a crutch for this - in python we wrote a script so that the ip addresses from the txt file are inserted into the command for the console and thus in a few seconds we added everyone, and then we created groups (several because, as it turned out, it is impossible to have more than 300 in one). But I still wonder if this can be implemented in a normal way on my version?

With respect,

Daniil Dubosarskij

cit.rkomi.ru

3 REPLIES 3
akileshc
Staff
Staff

Hello Daniil, 

 

Downloading the configuration backup from the Firewall and editing it to include all of the address objects or groups is the simplest way to meet your requirements.  The new configuration should then be uploaded to the firewall.

You can utilize the above-mentioned method because this is a one-time procedure.

Dubos
New Contributor III

Okay, that sounds great, thanks for the answer. And what if, for example, I write 400 addresses in one group in the config and upload it, and the limit on the number of addresses in one group is 300 pieces - in this case, won't my entire configuration break when I upload back to the system?

With respect,

Daniil Dubosarskij

cit.rkomi.ru

Debbie_FTNT

No, your entire configuration will not break - either the group object will exist in truncated form (missing some members) or it will not exist at all, and all policies that should reference it won't include it.

You can see configuration errors that FortiGate skips during bootup with this command: 'get system startup-error-log'

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++