Fortinet black logo

Administration Guide

Home FortiWeb 7.2.2 Administration Guide
7.2.2
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.10
7.0.9
7.0.8
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.2
6.4.1
6.4.0
6.3.23
6.3.19
6.3.18
6.3.17
6.3.16
6.3.15
6.3.14
6.3.13
6.3.11
6.3.10
6.3.9
6.3.7
6.3.6
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.2
6.1.1
5.7.0
5.6.1
5.6.0
5.6.0

Creating IP groups

Creating IP groups

You can now create IP groups in Server Objects > IP Groups then reference them in modules where it requires to specify IP addresses or IP ranges. Currently we only support IP group in IP Protection > IP List and IP Protection > IP Reputation. In future releases it will be rolled out in more modules.

To create an IP group:

  1. Go to Server Objects > IP Groups.
    To access this part of the web UI, your administrator’s account access profile must have Read and Write permission to items in the Server Policy Configuration category. For details, see Permissions.
  2. Click Create New.
  3. Enter a name for the IP group.
  4. Click OK.
  5. Manually enter IP addresses or ranges one by one, or import an IP list file to add IP addresses in batch.
    Manually enter IP addresses
    1. Click Create New.
    2. Type the client’s source IP address. You can enter either a single IP address or a range of addresses (e.g. 1.2.3.4,2001::1,1.2.3.4-1.2.3.40,2001::1-2001::100). Multiple addresses or ranges should be separated with comma ",".
    3. Click OK.
    Import an IP list file
    1. Click Import to upload an IP list file.
      Please note that the uploaded IP list will replace all the existing IP addresses or ranges.
      If there are existing IP list items in the table, it's recommended to click the Download button and then add new list in the downloaded IP list file.
      The following rules apply to the IP list file:
      • The file must contain no more than 256 lines.
      • Each line can include multiple IP addresses or IP ranges, separated by commas.
      • Each line must contain at least one valid IP address.

      • Each line must be less than 4096 (FortiWeb-VM)/1024 (FortiWeb appliance) characters in length.

      • The file's encoding format should be UTF-8 and should have a ".txt" extension.

      • Extra commas, empty lines, and whitespace are permitted, but will be ignored by the system.

  6. Click OK.

The IP groups can be referenced in IP Protection > IP List and IP Protection > IP Reputation.

For FortiWeb-VM with 4G memory, the system won't function well if an IP group with maximum configurations is loaded in IP List or IP Reputation. It's recommended to use higher memory.

Previous
Next

Creating IP groups

You can now create IP groups in Server Objects > IP Groups then reference them in modules where it requires to specify IP addresses or IP ranges. Currently we only support IP group in IP Protection > IP List and IP Protection > IP Reputation. In future releases it will be rolled out in more modules.

To create an IP group:

  1. Go to Server Objects > IP Groups.
    To access this part of the web UI, your administrator’s account access profile must have Read and Write permission to items in the Server Policy Configuration category. For details, see Permissions.
  2. Click Create New.
  3. Enter a name for the IP group.
  4. Click OK.
  5. Manually enter IP addresses or ranges one by one, or import an IP list file to add IP addresses in batch.
    Manually enter IP addresses
    1. Click Create New.
    2. Type the client’s source IP address. You can enter either a single IP address or a range of addresses (e.g. 1.2.3.4,2001::1,1.2.3.4-1.2.3.40,2001::1-2001::100). Multiple addresses or ranges should be separated with comma ",".
    3. Click OK.
    Import an IP list file
    1. Click Import to upload an IP list file.
      Please note that the uploaded IP list will replace all the existing IP addresses or ranges.
      If there are existing IP list items in the table, it's recommended to click the Download button and then add new list in the downloaded IP list file.
      The following rules apply to the IP list file:
      • The file must contain no more than 256 lines.
      • Each line can include multiple IP addresses or IP ranges, separated by commas.
      • Each line must contain at least one valid IP address.

      • Each line must be less than 4096 (FortiWeb-VM)/1024 (FortiWeb appliance) characters in length.

      • The file's encoding format should be UTF-8 and should have a ".txt" extension.

      • Extra commas, empty lines, and whitespace are permitted, but will be ignored by the system.

  6. Click OK.

The IP groups can be referenced in IP Protection > IP List and IP Protection > IP Reputation.

For FortiWeb-VM with 4G memory, the system won't function well if an IP group with maximum configurations is loaded in IP List or IP Reputation. It's recommended to use higher memory.

Previous
Next