DescriptionThis article describes the supported IP address format configuration under IP address external threat feed and configuration sample.SolutionThe IP address external threat feed can only support the following 3 format.1) Single IP address without subnet information. Example:192.168.1.10
8.8.8.8
210.111.91.223
2) Subnet address. Example:192.168.1.0/24
10.0.0.0/8
210.111.0.0/16
3) IP address range. Example:192.168.1.1-192.168.1.254
10.10.0.1-10.10.255.254
200.0.0.1-200.255.255.254
Hereby is the steps to configure IP address external connector. Take note that the provided web server sample here is a Linux server and the setup of Linux server is not included into this documentation.1) Make sure that the txt file is accessible from the Fortigate network.
It is possible to open up from browser to check. It will be possible read the txt file from the browse as following:
2) Create a new external connector and select 'IP Address'.
3) Configure the 'IP Address' connector with format 'http://x.x.x.x/textfile.txt' as per following (x.x.x.x is the IP address of the web server):
4) Check status make sure it is in green and it is possible to view entries:
5) Use the IP address threat feed on the firewall policy.