I am new to Fortinet setup, but we are engaging a partner that requires us to allow inbound and outbound connections from them. They have provided a list of 297 different IP addresses that need to be whitelisted. Is there an easy way to accomplish importing these and then allowing all communication?
A point in the right direction would be appreciated. Thanks.
I think you can create a script to import the IP addresses to your FortiGate. You can try this:

    config firewall address
        edit "X"    <-- name
            set subnet x.x.x.x x.x.x.x    <-- enter the IP address or subnet
        next
        edit "y"
            set subnet y.y.y.y y.y.y.y
        next
    end

Once done, you can copy it and paste it in the FortiGate CLI, then you can select those IP addresses in your IPv4 policy to whitelist.
You still need some policy or similar too... the address objects alone don't do any whitelisting...
But once you have imported them all you could create an address group and use that in policies so you need fewer policies. If those are all on the same subnet segment you could also create an address object for that segment instead of every single IP...
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
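As an added example (not written by any poster above, and not Fortinet tooling): a Python script that turns a partner IP list into the paste-ready address objects and address group the thread describes. It merges addresses only where they exactly fill a CIDR block, so the allow list never widens; the sample list and the names `partner-...` and `partner-allow` are constructed assumptions.

```python
import ipaddress

# Constructed sample partner list (documentation ranges), one IP or CIDR per line.
SAMPLE = """\
198.51.100.7
203.0.113.0
203.0.113.1
203.0.113.2
203.0.113.3
192.0.2.128/25
203.0.113.1
not-an-ip
"""

def parse_entries(text):
    """Return (networks, rejected). strict=True rejects CIDRs with host bits
    set (e.g. 192.0.2.129/25) instead of silently rounding them to a wider range."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            nets.append(ipaddress.IPv4Network(line, strict=True))
        except ValueError:
            rejected.append(line)
    return nets, rejected

def build_script(text, prefix="partner", group="partner-allow"):
    """Build FortiGate CLI for address objects plus one address group."""
    nets, rejected = parse_entries(text)
    if not nets:
        raise ValueError("no valid addresses in input")
    # collapse_addresses drops duplicates and merges only fully covered blocks.
    merged = list(ipaddress.collapse_addresses(nets))
    names, out = [], ["config firewall address"]
    for net in merged:
        name = f"{prefix}-{net.network_address}_{net.prefixlen}"
        names.append(name)
        out += [f'    edit "{name}"',
                f"        set subnet {net.network_address} {net.netmask}",
                "    next"]
    out += ["end", "config firewall addrgrp", f'    edit "{group}"',
            "        set member " + " ".join(f'"{n}"' for n in names),
            "    next", "end"]
    return "\n".join(out), rejected

if __name__ == "__main__":
    script, rejected = build_script(SAMPLE)
    print(script)
    print("# rejected entries, review by hand:", rejected)
```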