Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
GreatKent
New Contributor

Created on ‎05-30-2014 02:54 AM

IP Blocking Automation

Currently using the FortiGate firewall, “Version: Fortigate-1240B v4.0,build0646,121119 (MR3 Patch 11)” Instead of clicking the Web-GUI, which feature/option of the firewall can be used to block pre-defined IP for a pre-defined period of time in an automated fashion? e.g.: 1.) firewall automatically get IP from a webpage for blocking 2.) user upload a text file containing list of IP to be blocked 3.) any other method to achieve the purpose Thanks a lot!
4463
0 Kudos
1 REPLY 1
angel232
New Contributor

Created on ‎01-30-2023 11:45 AM

You can use the firewall's CLI (Command Line Interface) to achieve this. To block a pre-defined IP for a pre-defined period of time in an automated fashion, you can use the following steps:

  1. SSH into the firewall
  2. Use the following command to create a firewall address object: "config firewall address"
  3. Use the following command to block the address object: "config firewall policy"
  4. Save the configuration using the following command: "end" "execute reboot"

This way you can block IP addresses in an automated fashion using the CLI.

560
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.