> ## Documentation Index
> Fetch the complete documentation index at: https://docs.onefirewall.com/llms.txt
> Use this file to discover all available pages before exploring further.

# FortiGate Integration Guide

## Purpose

This guide describes how to integrate **OneFirewall Alliance (OFA) Threat Feeds** into a **FortiGate Security Fabric** using external dynamic lists (EDLs). The integration enables automatic enforcement of security rules based on live threat intelligence from OneFirewall, covering both **inbound** and **outbound** traffic.

# FortiGate Compatibility for OneFirewall Alliance Threat Feed Integration

## ✅ Minimum FortiOS Version Requirements

| Feature                               | Minimum FortiOS Version |
| ------------------------------------- | ----------------------- |
| External Connectors (Threat Feeds)    | **6.0+**                |
| Support for Custom HTTP Headers       | **6.2.3+**              |
| Feed Auto-Refresh & Policy Binding    | **6.4+**                |
| Full GUI Integration & Advanced Logic | **7.0+**                |

***

## 🔐 Notes

* **Custom Bearer token authentication** used by OneFirewall’s API requires **FortiOS 6.2.3 or higher**.
* Devices running FortiOS **prior to 6.2.3** can only ingest **unauthenticated feeds**, which is incompatible with OneFirewall’s authenticated feed.
* For best results, use **FortiOS 6.4 or 7.x**, which support:
  * Secure external connectors with headers
  * Feed auto-refreshing
  * Integration with inbound and outbound firewall policies
  * GUI-based management and logging

***

## Step 1: Generate API Token

1. Log into your OneFirewall Alliance profile.
2. Navigate to the **API Access** section.
3. Generate a **JWT token**.
4. Save this token securely — it will be used for authenticating feed requests.

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-1.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=0cffef45376cbfe4a8b1f5ee251c9b67" alt="" width="2920" height="928" data-path="images/fortigate-1.png" />

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-2.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=d1ad91414f50455cc4186307038f0dfe" alt="" width="1460" height="680" data-path="images/fortigate-2.png" />

***

## Step 2: Configure FortiGate External Connector

1. Access your FortiGate device.
2. Go to `Security Fabric` > `External Connectors`.
3. Click **Create New** > Select **IP Address Threat Feed**.
4. Configure the feed:
5. Set update interval as needed (e.g., every 15 minutes).
6. Save the connector.

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-3.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=3712d5af2cdc0f5a0da083f3cb39cf52" alt="" width="538" height="554" data-path="images/fortigate-3.png" />

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-4.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=05447bde9e1c1dfa761fca2f18e3cfe6" alt="" width="1460" height="502" data-path="images/fortigate-4.png" />

***

## Step 3: Create Security Policies

Now that FortiGate is receiving updated threat intelligence from OFA, apply it through security policies.

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-5.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=ffbb36155a37607ebbc23f7ed2f73bc0" alt="" width="1653" height="652" data-path="images/fortigate-5.png" />

<img src="https://mintcdn.com/onefirewall/7guFu20M_sXWrG3T/images/fortigate-6.png?fit=max&auto=format&n=7guFu20M_sXWrG3T&q=85&s=708ef9a9f0fffbaf9e8487899f3d1251" alt="" width="1460" height="176" data-path="images/fortigate-6.png" />

here an example mapping **any** keyword to specific network interfaces

<img src="https://mintcdn.com/onefirewall/489fX27LLdkS3W2f/images/fortigate-7.png?fit=max&auto=format&n=489fX27LLdkS3W2f&q=85&s=822f68f4c59cfef2392a8dd3914291fd" alt="" width="1114" height="944" data-path="images/fortigate-7.png" />