Fortinet black logo

CLI Reference

system fortigate-integration

system fortigate-integration

FortiGate appliances can maintain a list of source IPs that it prevents from interacting with the network and protected systems. You can configure FortiWeb to receive this list of IP addresses at intervals you specify. Then, you configure an inline protection profile to detect the IP addresses in the list and take an appropriate action.

This feature is available only if the operating mode is Reverse Proxy or True Transparent Proxy.

This command configures a FortiGate appliance that provides banned source IPs. To configure FortiWeb to detect the quarantined IP addresses and take the appropriate action, configure the FortiGate Quarantined IPs settings in an inline protection profile. For details, see waf web-protection-profile inline-protection.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system fortigate-integration

set address "<address_ipv4>"

set port <port_int>

set protocol {HTTP | HTTPS}

set username "<username_str>"

set password "<password_str>"

set schedule-frequency <schedule-frequency_int>

set flag {enable | disable}

end

Variable Description Default

address "<address_ipv4>"

Enter the FortiGate IP address that is used for administrative access. No default.

port <port_int>

Specify the port that the FortiGate uses for administrative access via HTTPs.

In most cases, this is port 443.

80

protocol {HTTP | HTTPS}

Specify whether the FortiGate and FortiWeb communicate securely using HTTPS.

HTTP

username "<username_str>"

Enter the name of the administrator account that FortiWeb uses to connect to the FortiGate.

No default.

password "<password_str>"

Enter the password for the FortiGate administrator account that FortiWeb uses.

No default.

schedule-frequency <schedule-frequency_int>

Enter how often FortiWeb checks the FortiGate for an updated list of banned source IP addresses, in hours.

The valid range is 1 to 5.

1

flag {enable | disable}

Enables or disables the transmission of quarantined source IP address information from the specified FortiGate. disable

Related topics

system fortigate-integration

system fortigate-integration

FortiGate appliances can maintain a list of source IPs that it prevents from interacting with the network and protected systems. You can configure FortiWeb to receive this list of IP addresses at intervals you specify. Then, you configure an inline protection profile to detect the IP addresses in the list and take an appropriate action.

This feature is available only if the operating mode is Reverse Proxy or True Transparent Proxy.

This command configures a FortiGate appliance that provides banned source IPs. To configure FortiWeb to detect the quarantined IP addresses and take the appropriate action, configure the FortiGate Quarantined IPs settings in an inline protection profile. For details, see waf web-protection-profile inline-protection.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system fortigate-integration

set address "<address_ipv4>"

set port <port_int>

set protocol {HTTP | HTTPS}

set username "<username_str>"

set password "<password_str>"

set schedule-frequency <schedule-frequency_int>

set flag {enable | disable}

end

Variable Description Default

address "<address_ipv4>"

Enter the FortiGate IP address that is used for administrative access. No default.

port <port_int>

Specify the port that the FortiGate uses for administrative access via HTTPs.

In most cases, this is port 443.

80

protocol {HTTP | HTTPS}

Specify whether the FortiGate and FortiWeb communicate securely using HTTPS.

HTTP

username "<username_str>"

Enter the name of the administrator account that FortiWeb uses to connect to the FortiGate.

No default.

password "<password_str>"

Enter the password for the FortiGate administrator account that FortiWeb uses.

No default.

schedule-frequency <schedule-frequency_int>

Enter how often FortiWeb checks the FortiGate for an updated list of banned source IP addresses, in hours.

The valid range is 1 to 5.

1

flag {enable | disable}

Enables or disables the transmission of quarantined source IP address information from the specified FortiGate. disable

Related topics