Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
GreatKent
New Contributor

IP Blocking Automation

Currently using the FortiGate firewall, “Version: Fortigate-1240B v4.0,build0646,121119 (MR3 Patch 11)” Instead of clicking the Web-GUI, which feature/option of the firewall can be used to block pre-defined IP for a pre-defined period of time in an automated fashion? e.g.: 1.) firewall automatically get IP from a webpage for blocking 2.) user upload a text file containing list of IP to be blocked 3.) any other method to achieve the purpose Thanks a lot!
1 REPLY 1
angel232
New Contributor

You can use the firewall's CLI (Command Line Interface) to achieve this. To block a pre-defined IP for a pre-defined period of time in an automated fashion, you can use the following steps:

  1. SSH into the firewall
  2. Use the following command to create a firewall address object: "config firewall address"
  3. Use the following command to block the address object: "config firewall policy"
  4. Save the configuration using the following command: "end" "execute reboot"

This way you can block IP addresses in an automated fashion using the CLI.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors