how to block 5000 public IP

Umesh · ‎04-08-2022

Hi All,

We have to block around 5000 public IP in FortiGate firewall 1200D, actually, I got a security advisory for this from our organization.

Just I would like to know from you all if there is any flexible solution for it as you know that this is a very lengthy task for me as we have to block one by one IP.

let me give an example -

Source IP would be - 193. X.X.X

Destination - 11.X.X.X

service - any and port no 449 also

blocked.

Thank you in advance.

sw2090 · ‎04-08-2022

you would have to generate the cli script from e.g. a list of ips and then run that on cli or imort it via gui. I don't know any other way.

--

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

Umesh · ‎04-08-2022

Well,

Could you please describe how to do it and what is the method and also pls write here the steps on how to do in FortiGate 1200D.

Thank you for replying on it.

Sachin_Alex_Cherian_ · ‎04-08-2022

Hi,

If the IP list can be maintained on a server, FG can be configured to pull the IP list from the server by adding an external thread feed. If this option interests you, you can have a look at the below link:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-External-threat-list-threat-feed-blocked-v...

Regards,
Sachin.

ede_pfau · ‎04-09-2022

Some time ago I've developed a Python script to create a FortiOS blacklist from a simple list of IPs. You can find it here

Ede Kernel panic: Aiee, killing interrupt handler!

how to block 5000 public IP

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website