how to disable specific ip address in ISDB

40chris · ‎01-20-2025

There is a nice article
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-Disable-Specific-IP-Addresses-or-IP...
but this does not really help, if you want to disable an entry in the Malicious-Server table.
Because this has more than 500.000 entries and if the ip-address is in the middle you can scroll down a few weeks.
Not possible to search for the ip-address and disable it.

kafikar1 · ‎01-20-2025

Just create an loopback interface with a ip address. (Can be a /32) Change the sslvpn interface to the loopback interface you just created. Then go to vips and create a VIP with your external IP Address and forward it to your loopback ip address.

https://19216811.cam/ https://1921681001.id/

ebilcari · ‎01-20-2025

If you want to have a search bar in the GUI, I would suggest to reach your local Fortinet representative and ask for a New Feature Request.

For now you can try the CLI approach 'config firewall internet-service-extension' as shown in this article.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

AEK · ‎01-20-2025

Another approach is to add a firewall rule to the specific IP just before the ISDB related rule, in order to allow or deny the traffic to that IP address before it is matched by the ISDB related rule.

AEK

how to disable specific ip address in ISDB

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website