Hi I'm still very new to Fortigate stuff and firewalls in general and feel like I'm missing something very basic here.
It is possible to create a group of specific IPs (not ranges) that I can add to at will and then use those in allow or deny rules. At the moment the closest thing I can find is and address group, but that requires me to create an address for each IP that I'd want to add to the group. At the moment I have a little over 26 IP's I'd like to add to the address and block all traffic with them, so creating an object for each on just to add to a group seems a little onerious, which makes me think I'm missing something very simple.
As I'm a newb to all this, I do all my managerment though the web interface.
Solved! Go to Solution.
Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier
Exemple:
config firewall address
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end
Bubu
Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier
Exemple:
config firewall address
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end
Bubu
Bubu wrote:Ok thanks, I'd hoped there was another way to just lump them all together.Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier
Exemple:
config firewall address
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end
Thanks for the answer.
config firewall address,edit,H_1.1.1.1/32, set subnet,1.1.1.1/32,end
If you prepare an Excel list with all your addresses, then copy all the lines to a Notepad, you replace the "," with a line break, that's it, copy and paste in CLI.
Bubu
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.