Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rofo_xdf
New Contributor

Created on ‎12-12-2015 05:07 PM

Bulk import policy address object into fortigate firewall from a text file

Hi

Is it possible to bulk import address objekt into fortigate fw from text file

need to set up a lot of address objects and map to to one address Group.

the text file look like this

config firewall address   edit adr1 set subnet x.x.x.x 255.255.255.255 next edit adr2 set subnet y.y.y.y 255.255.255.255 next edit adr3 set subnet z.z.z.z 255.255.255.255 next repeat for each address   end

10008
0 Kudos
7 REPLIES 7
rofo_xdf
New Contributor

Created on ‎12-12-2015 05:44 PM

Edit

get it to work but only for 4976 objects.

is it a limit for max objects in fortigate 60D?

5102
0 Kudos
rofo_xdf
New Contributor
In response to rofo_xdf

Created on ‎12-12-2015 06:19 PM

edit

Find the limit for firewall objects is 5000 in fgt60D.

 

5102
0 Kudos
emnoc
Esteemed Contributor III
In response to rofo_xdf

Created on ‎12-12-2015 08:12 PM

read the max value matrix per fortios and model ( google ) . I'm sure you have pre-allocated address so the 5K number is not doable.

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
5103
0 Kudos
gschmitt
Valued Contributor
In response to rofo_xdf

Created on ‎12-15-2015 02:00 AM

rofo.xdf wrote:

Edit

get it to work but only for 4976 objects.

is it a limit for max objects in fortigate 60D?

As others stated. 5000 is max, the remaining objects are probably default or preexisting ones.

If you don't mind me asking: Why in the name of <insert deity> do you need more than 5000 address objects for? You can use IP Ranges or subnets.

5103
0 Kudos
ede_pfau
SuperUser
SuperUser
In response to gschmitt

Created on ‎12-15-2015 04:23 AM

hint: the TOR nodes list has currently ~ 6.969 entries ([link]https://www.dan.me.uk/tornodes/)[/link]

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
5102
0 Kudos
gschmitt
Valued Contributor
In response to ede_pfau

Created on ‎12-15-2015 04:53 AM

ede_pfau wrote:

hint: the TOR nodes list has currently ~ 6.969 entries (https://www.dan.me.uk/tornodes/)

Which is a dynamic list by nature.

5103
0 Kudos
ede_pfau
SuperUser
SuperUser
In response to gschmitt

Created on ‎12-15-2015 05:24 AM

Sure but sometimes you need to protect a network from some bad guy coming from the TOR realm.

The list from the website is refreshed every 30 minutes, and loading it takes only 1-2 minutes in all.

 

Of course it would be more convenient to have the same mechanism as for botnet C&C servers via the AV engine.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
5102
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.