Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Eniigma
New Contributor

60E Create a group of specific IP addresses

Hi I'm still very new to Fortigate stuff and firewalls in general and feel like I'm missing something very basic here.

 

It is possible to create a group of specific IPs (not ranges) that I can add to at will and then use those in allow or deny rules.  At the moment the closest thing I can find is and address group, but that requires me to create an address for each IP that I'd want to add to the group.   At the moment I have a little over 26 IP's I'd like to add to the address and block all traffic with them, so creating an object for each on just to add to a group seems a little onerious, which makes me think I'm missing something very simple.

 

As I'm a newb to all this, I do all my managerment though the web interface.

1 Solution
Bubu
Contributor

Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier

Exemple:

config firewall address 
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end

Bubu

View solution in original post

Bubu
3 REPLIES 3
Bubu
Contributor

Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier

Exemple:

config firewall address 
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end

Bubu

Bubu
Eniigma
New Contributor

Bubu wrote:

Creating a unique address and then assigning it to a group is the best and only solution. You can prepare the entries on an Excel file and then send them in CLI to make your task easier

Exemple:

config firewall address 
edit H_1.1.1.1/32
set subnet 1.1.1.1/32
end

Ok thanks,  I'd hoped there was another way to just lump them all together.

 

Thanks for the answer.

Bubu

config firewall address,edit,H_1.1.1.1/32, set subnet,1.1.1.1/32,end

 

If you prepare an Excel list with all your addresses, then copy all the lines to a Notepad, you replace the "," with a line break, that's it, copy and paste in CLI.

Bubu

Bubu
Labels
Top Kudoed Authors