By default, the Local-In policy allows access to all addresses but you can create address groups to block specific IPs. One way to block attacks against a FortiGate device that has an IPSec VPN service enabled is via configuring a Local-In policy. If you have only IPv4 available on the WAN interface there is no need for IPv6 blocking. The full documentation has been published as well.Īt present, the integration only works with IPv4 address ranges, as achieving this with IPv6 would require another API call to create an address object, but it really depends on your network connectivity. The integration scripts are available for download from our partner portal. This particular integration is designed to automatically block traffic against the firewall and stop it at the perimeter.
In this post, I’m going to show you how to instruct Fortinet’s firewall FortiGate via Flowmon ADS to block traffic in response to a detected anomaly or attack. It’s a question we hear often - how to use Flowmon to block an attack? Flowmon is not an inline appliance to stand in the path of inbound traffic, so we partner with 3rd party vendors who supply equipment like firewalls or unified security gateways.