Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
create_share
New Contributor

Import IP Addresses

Hi,

 

Is it possible to import a list of IP Addresses and Subnets from a text or csv file into 201F? The firmware version is v7.0.11 build0489.

 

Thanks.

4 REPLIES 4
abarushka
Staff
Staff

Hello,

 

You may consider to use threat feeds. Please find the details by following the link below:

 

https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/9463/threat-feeds

FortiGate
create_share

ede_pfau
Esteemed Contributor III

hi,

 

if you can run a Python script, you may use mine:

https://www.beneicke-edv.de/support/tools/#ext_blacklists

 

It does not only import addresses from a file, but enumerates them and distributes them into address groups, taking care of address group maximum sizes. In the end, a super address group will be created holding all addresses.

Note: as this is an "offline" script, i.e. without a live contact to the FGT, it will create a second script to delete all those addresses and address groups again. So, updating the content will need an import - delete - import new cycle.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Christian_89
Contributor III

 

1. Prepare your text or CSV file with the list of IP addresses and subnets. Ensure that each entry is on a separate line, with each IP address or subnet in CIDR notation.

2. Connect to the FortiGate using SSH or console access and log in to the CLI.

3. Enter the following command to enter the global configuration mode:

```
config firewall address
```

4. Now, you can use a loop in the CLI to add each IP address or subnet from your file individually. Use the following command as an example:

```
edit <address-name>
set subnet <IP-address-or-subnet>
next
```

Replace `<address-name>` with a unique name for the address object, and `<IP-address-or-subnet>` with the IP address or subnet you want to add.

Repeat this command for each entry in your file, replacing the `<address-name>` and `<IP-address-or-subnet>` accordingly.

5. Once you have added all the IP addresses and subnets, exit the configuration mode by entering:

```
end
```

6. Verify that the IP addresses and subnets have been added successfully by checking the address list using the appropriate show commands.

 

Labels
Top Kudoed Authors