Fortinet black logo

Administration Guide

Receiving quarantined source IP addresses from FortiGate

Receiving quarantined source IP addresses from FortiGate

FortiGate can maintain a list of source IPs that it prevents from interacting with the network and protected systems. You can configure FortiWeb to receive this list of IP addresses at intervals you specify. You can then configure an inline protection profile to detect the IP addresses in the list and take an appropriate action.

This feature is available only if the operating mode is Reverse Proxy or True Transparent Proxy.

To enable FortiGate integration:

Before you can begin configuring FortiGate integration, you have to enable it first.

  1. Go to System > Config > Feature Visibility.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the System Configuration category. For details, see "Permissions" on page 1.
  2. Locate Security Features.
  3. Enable FortiGate Integration.
  4. Click Apply.
To configure a FortiGate appliance that provides banned source IPs
  1. Go to System > Config > FortiGate Integration.
  2. Configure these settings:
  3. Enable Select to enable transmission of quarantined source IP address information from the specified FortiGate.
    FortiGate IP Address Specify the FortiGate IP address that is used for administrative access.
    FortiGatePort Specify the port that the FortiGate uses for administrative access via HTTPs.

    In most cases, this is port 443.
    Protocol Specify whether the FortiGate and FortiWeb communicate securely using HTTPS.
    Administrator Name Specify the name of the administrator account that FortiWeb uses to connect to the FortiGate.
    Administrator Password Specify the password for the FortiGate administrator account that FortiWeb uses.
    Schedule Frequency Specify how often FortiWeb checks the FortiGate for an updated list of banned source IP addresses, in hours. The valid range is 1 to 5.
  4. Click Apply to save your changes.
  5. To configure FortiWeb to detect the quarantined IP addresses and take the appropriate action, configure the FortiGate Quarantined IPs settings in an inline protection profile. For details, see Configuring a protection profile for inline topologies.
See also

Receiving quarantined source IP addresses from FortiGate

FortiGate can maintain a list of source IPs that it prevents from interacting with the network and protected systems. You can configure FortiWeb to receive this list of IP addresses at intervals you specify. You can then configure an inline protection profile to detect the IP addresses in the list and take an appropriate action.

This feature is available only if the operating mode is Reverse Proxy or True Transparent Proxy.

To enable FortiGate integration:

Before you can begin configuring FortiGate integration, you have to enable it first.

  1. Go to System > Config > Feature Visibility.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the System Configuration category. For details, see "Permissions" on page 1.
  2. Locate Security Features.
  3. Enable FortiGate Integration.
  4. Click Apply.
To configure a FortiGate appliance that provides banned source IPs
  1. Go to System > Config > FortiGate Integration.
  2. Configure these settings:
  3. Enable Select to enable transmission of quarantined source IP address information from the specified FortiGate.
    FortiGate IP Address Specify the FortiGate IP address that is used for administrative access.
    FortiGatePort Specify the port that the FortiGate uses for administrative access via HTTPs.

    In most cases, this is port 443.
    Protocol Specify whether the FortiGate and FortiWeb communicate securely using HTTPS.
    Administrator Name Specify the name of the administrator account that FortiWeb uses to connect to the FortiGate.
    Administrator Password Specify the password for the FortiGate administrator account that FortiWeb uses.
    Schedule Frequency Specify how often FortiWeb checks the FortiGate for an updated list of banned source IP addresses, in hours. The valid range is 1 to 5.
  4. Click Apply to save your changes.
  5. To configure FortiWeb to detect the quarantined IP addresses and take the appropriate action, configure the FortiGate Quarantined IPs settings in an inline protection profile. For details, see Configuring a protection profile for inline topologies.
See also