Fortinet Forum
Xenitel
New Contributor

Whitelisting IPs

Hello,

I am new to Fortinet set up, but we are engaging a partner that requires us to allow Inbound and Outbound connections from them. They have provided a list of 297 different IP addresses that need to be whitelisted. Is there an easy way to accomplish importing these and then allowing all communication?

A point in the right direction would be appreciated. Thanks.

2 REPLIES
larsbollas
Staff

Hi Xenitel,

I think you can create a script to import the IP addresses to your FortiGate.
You can try this:

    config firewall address
        edit "X" <-- name
            set subnet x.x.x.x x.x.x.x <-- enter the IP address or subnet
        next
        edit "y"
            set subnet y.y.y.y y.y.y.y
        next
    end

Once done, you can copy it and paste it into the FortiGate CLI, then you can select those IP addresses in your IPv4 policy to whitelist.

Regards.
Lars Bollas
NSE4
sw2090
Honored Contributor

You still need some policy or similar too... the address objects alone don't do any whitelisting...

But once you have imported them all you could create an address group and use that in policies so you need fewer policies. If those are all on the same subnet segment you could also create an address object for that segment instead of every single IP...


-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
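
The script idea from the first reply combined with the address group from the second, as an added example that is not part of the original thread: it validates a partner IP list and emits the `config firewall address` and `config firewall addrgrp` text to paste into the CLI. The object prefix, group name, sample addresses and the /16 breadth limit are assumptions; a firewall policy that references the group is still required.

```python
import ipaddress

# Constructed sample input (documentation ranges) standing in for the partner's list.
SAMPLE = """\
192.0.2.10
198.51.100.0/24
# comments and blank lines are skipped

192.0.2.10
203.0.113.7/32
"""

MIN_PREFIX = 16  # assumption: refuse anything broader than /16 so a typo cannot allow a huge range


def parse_entries(text, min_prefix=MIN_PREFIX):
    """Return a sorted, de-duplicated list of IPv4Network objects; raise on bad input."""
    nets = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=True rejects entries with host bits set, e.g. 192.0.2.10/24
            net = ipaddress.IPv4Network(line, strict=True)
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {raw!r}: {exc}") from None
        if net.prefixlen < min_prefix:
            raise ValueError(f"line {lineno}: {net} is broader than /{min_prefix}")
        nets.add(net)
    return sorted(nets)


def build_config(nets, prefix="partner", group="partner-allow"):
    """Emit FortiOS CLI text: one address object per network plus one address group."""
    if not nets:
        raise ValueError("no addresses to import")
    names = [f"{prefix}-{n.network_address}_{n.prefixlen}" for n in nets]  # hypothetical naming
    out = ["config firewall address"]
    for name, net in zip(names, nets):
        out += [f'    edit "{name}"',
                f"        set subnet {net.network_address} {net.netmask}",
                "    next"]
    out += ["end", "config firewall addrgrp", f'    edit "{group}"',
            "        set member " + " ".join(f'"{n}"' for n in names),
            "    next", "end"]
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(build_config(parse_entries(SAMPLE)))
```

Review the generated text before pasting it, and keep the source list under version control so later additions from the partner can be diffed.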