Hello, I have to block hundreds of IP addresses because of the flaw we all know. However, my FortiGate 200D is on version 6.0, the latest version supported by my hardware. When I import my file with the IPs, there is no problem, I see it perfectly. Except that, when I create a rule, I can't find the famous import file to block the IPs. Indeed, I have followed dozens of tutorials, but nothing works. I would need a little help to explain to me how to block the IPs with my imported file. Thank you for your help.
Thanks for your answer. In fact, I import my file via the "fabric connectors" menu, creating an "ip address threat feed". My file imports correctly and I see the IPs in it.
However, when I create it, it tells me that it will be visible in "dns", but not in IPv4. Now, I want to create a firewall rule that blocks all IPs from this file! But in the rule creation, this file does not appear.
So yes, that's exactly what I'm looking for. Except, I'm using a graphical interface. Isn't there a problem with the version? Because on different tutorials, when we create an import file, it appears directly in source/destination of our rule.
I think there must be a way to apply this file in a rule without using a client?
I have the impression, in fact, that my equipment with the 6.0 update is blocking a lot of features... After that, if you assure me that this documentation works, I can try to do it on the 6.0. But it's still a firewall in production
After reading up on Fabric connectors in the v6.0 Handbook, I'd say that in that version you cannot use the imported list in IPv4 policies directly (that is, in the source or destination address field). If a DNS filter would suffice, you can do that in v6.0. It will block the IP resolution of FQDNs used for HTTP(S) policies.
Without really being ashamed, I'd like to point to my blog where I offer a Python script for importing arbitrarily long IP lists into IPv4 address objects and address groups (https://www.beneicke-edv.de/?page_id=999#ext_blacklists). Maybe it's of help for you, though it's not as elegant as a Fabric connector, as you'd need Python installed and the objects are not updated dynamically.
Ah, I don't think that link works anymore. I get "Diese Seite gibt es leider nicht." when trying to access your link, Ede. I also searched for "python script address", but this did not provide any results either.
You can upload files (like the script) to this thread though :)
+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
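The approach discussed in this thread (static address objects and address groups built from an IP list, for firmware where the threat feed cannot be used in an IPv4 policy) can be sketched as follows. This is an added example, not the script from the linked blog and not Fortinet code; the object name prefix `bl`, the group name `blocklist`, the chunk size of 200 members per group, and support for nesting address groups on the target firmware are assumptions to check against your unit's limits.

```python
import ipaddress

SAMPLE = """\
# constructed sample feed (documentation ranges only)
192.0.2.10
198.51.100.0/24
192.0.2.10
not-an-ip
203.0.113.7  # inline comment
2001:db8::1
"""

def parse_blocklist(text):
    """Return unique IPv4 networks from a feed; skip comments, junk and IPv6."""
    nets, seen = [], set()
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # not an IP address or CIDR block
        if net.version == 4 and net not in seen:
            seen.add(net)
            nets.append(net)
    return nets

def build_cli(nets, prefix="bl", group="blocklist", chunk=200):
    """Emit FortiOS CLI text: one address object per entry, grouped in chunks."""
    names = [f"{prefix}_{n.network_address}_{n.prefixlen}" for n in nets]
    out = ["config firewall address"]
    for name, n in zip(names, nets):
        out += [f'    edit "{name}"',
                f"        set subnet {n.network_address} {n.netmask}", "    next"]
    out += ["end", "config firewall addrgrp"]
    # Split members into sub-groups of `chunk` (assumed limit), then nest them.
    groups = [(f"{group}_{i // chunk + 1}", names[i:i + chunk])
              for i in range(0, len(names), chunk)]
    if groups:
        groups.append((group, [g for g, _ in groups]))
    for gname, members in groups:
        quoted = " ".join(f'"{m}"' for m in members)
        out += [f'    edit "{gname}"', f"        set member {quoted}", "    next"]
    out.append("end")
    return "\n".join(out)

if __name__ == "__main__":
    print(build_cli(parse_blocklist(SAMPLE), chunk=2))
```

The generated text is meant to be reviewed and then pasted into the CLI; the top-level group can then be selected as the source address of a deny policy. As noted above, objects created this way are static and have to be regenerated when the list changes.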