Next Generation Firewall (NGFW)

Expand all | Collapse all

Fortigate Firewall Policy Export

  • 1.  Fortigate Firewall Policy Export

    Posted Dec 20, 2016 07:12 AM


    I am looking for a way to export the policies from my Fortigate into a user readable format so that we can perform an internal audit to ensure that all of our active policies are actually needed.  Has anyone seen a way to do this?

    If there is no native tool I will have to copy the policies out of the config file and generate a script that can parse through the text to output it to CSV or other usable format.  But I would rather not reinvent the wheel.




  • 2.  RE: Fortigate Firewall Policy Export

    Posted Dec 21, 2016 07:06 AM

    Try it:



    Paulo Raponi, NSE8

  • 3.  RE: Fortigate Firewall Policy Export

    Posted Jan 04, 2017 03:08 AM


    The firewall policy can be found in human readable format in the FortiGate's configuration. It is under "config firewall policy" section and it is a series of commands in the following syntax:

    config firewall policy
    edit <policy-number>


    edit <policy_number>





    You can retrieve the whole firewall policy as a text file, by issuing a "show" command under config firewall policy and then parse it as you wish. I don't know of any parsing tool, but I'm sure there are some in the net.




  • 4.  RE: Fortigate Firewall Policy Export

    Posted Apr 15, 2020 09:06 AM
    And here's a KnowledgeBase article that spells out a clean way to do what you need:')