Mass import IP Subnets into Fortigate firewall

Recently, while working through an Office 365 Hybrid migration for a customer, we needed to bring the Exchange Online Protection IP address ranges into their firewall for policy changes.  Microsoft publishes this list here: https://technet.microsoft.com/en-us/library/dn163583%28v=exchg.150%29.aspx.  Unfortunately, I needed them in the following format:

config firewall address
edit ExchangeOnline-23.103.144.0
set subnet 23.103.144.0/22
next

Thankfully, this was made much easier with using Word find/replace with the following syntax:
17-09-2015 7-06-44 a-m-
Find: (<*>).(<*>).(<*>).(<*>)/(<*>)
Replace: edit ExchangeOnline-\1.\2.\3.\4^lset subnet \1.\2.\3.\4/\5 ^lnext^l

Turns this:
23.103.132.0/22
17-09-2015 7-08-09 a-m-
Into this:
17-09-2015 7-07-56 a-m-
edit ExchangeOnline-23.103.132.0
set subnet 23.103.132.0/22
next

Simply copy and paste into SSH, upload script, etc. and you’re sorted!

17-09-2015 7-08-33 a-m-

About AJ McKean

Based in sunny Tauranga, New Zealand, AJ McKean is a Senior Systems Engineer in Mt Maunganui. With over 15 years of professional IT experience working in both New Zealand and the United States, he holds several certifications including MCSE(2000-2003), MCITP:Enterprise(2008), MCSA(2012), VMware VCP-DCV5.5, CompTIA A+ & is an HP Storage Architect. He is passionate about all things IT, especially virtualization, automation & cloud technologies.

Leave a Reply

Your email address will not be published. Required fields are marked *