Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mhrth
New Contributor III

Created on ‎05-17-2022 07:50 PM

Whitelist Pentester IP Addresses

Hi,

 

My company is currently carrying out external pen testing on our servers and it was found out the nmap scan was blocked by FortiGate UTM. Is it possible to whitelist the IP addresses used by the pen testers? If possible, where should I whitelist those IP addresses?

 

 

Thank you.

Labels:
1325
0 Kudos
3 REPLIES 3
xsilver_FTNT
Staff
Staff

Created on ‎05-17-2022 11:47 PM

Hi,

log should show you which firewall policy and rules blocked it.

So you can make temporary policy ABOVE that blocking one (R-click -> Insert empty - Above).

And that new one might have their source IPs and accept their connections.

But shouldn't they test also ability to pass through your firewall? This also looks like social-engineering test to highlight how willing you are to bend the rules if someone asks for it?
:D

 

Tomas Stribrny - NASDAQ:FTNT - Fortinet stuff - TAC L3 Escalations engineer

1293
0 Kudos
Yurisk
Valued Contributor

Created on ‎05-18-2022 12:24 AM

Also make sure that no DDoS policy is in place, as it is checked before regular security policy , 

https://docs.fortinet.com/document/fortigate/6.2.9/cookbook/771644/dos-protection 

 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
1287
Debbie_FTNT
Staff
Staff
In response to Yurisk

Created on ‎05-18-2022 07:17 AM

Good point, DoS policies often recognize a port scan and quarantine the originating IP.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
1277
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.