fortigate-mcp
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| FORTIGATE_HOST | Yes | IP address of the FortiGate device | |
| FORTIGATE_TOKEN | Yes | API token from FortiGate REST API admin | |
| FORTIGATE_TIMEOUT | No | HTTP request timeout in milliseconds | 10000 |
| FORTIGATE_VERIFY_SSL | No | Whether to verify SSL certificate (set true if valid cert) | false |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": true
} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| fortigate_get_system_statusA | Get FortiGate system status (firmware version, hostname, serial, uptime). Use this first to verify connectivity. |
| fortigate_list_address_groupsA | List all firewall address groups (just names). Use this to find which group contains a specific IP, or to see available groups before calling fortigate_get_address_group. |
| fortigate_get_address_groupA | Get full details of a specific address group, including all member IPs/addresses. Useful for finding which IPs are in groups like 'Wifi', 'IT Team', 'Only Use AI'. |
| fortigate_list_addressesA | List all firewall address objects (single IPs/subnets, just names). Useful for finding objects like 'ip068', 'ip080'. |
| fortigate_get_addressA | Get details of a specific firewall address object (the actual IP/subnet it represents). |
| fortigate_list_policiesA | List all firewall policies in order with key fields (id, name, src, dst, service, action). Top of list = highest priority. Use this to understand traffic flow rules. |
| fortigate_get_policyA | Get full details of a specific firewall policy by ID. |
| fortigate_list_webfilter_profilesA | List all web filter profiles (just names). |
| fortigate_get_webfilter_profileA | Get full details of a web filter profile, including URL filters (allow/block lists) and category filters. Useful for understanding what 'Only Use AI', 'Translator Google' profiles allow. |
| fortigate_list_servicesA | List all custom firewall services (just names). Useful for understanding services like 'Everest_default', 'anydesk_6568'. |
| fortigate_create_policyA | Safely create a firewall policy. Defaults to dry_run=true. To apply, set FORTIGATE_ENABLE_WRITE=true and pass confirm exactly as the configured confirmation phrase. |
| fortigate_update_policyA | Safely update a firewall policy. Reads the current policy first and defaults to dry_run=true. |
| fortigate_create_addressA | Safely create a firewall address object. Defaults to dry_run=true. To apply, set FORTIGATE_ENABLE_WRITE=true and pass confirm exactly as the configured confirmation phrase. |
| fortigate_update_addressA | Safely update a firewall address object. Reads the current object first and defaults to dry_run=true. |
| fortigate_delete_addressA | Safely delete a firewall address object. Reads the current object first and defaults to dry_run=true. |
| fortigate_create_address_groupA | Safely create a firewall address group with explicit members. Defaults to dry_run=true. |
| fortigate_update_address_group_membersA | Safely add, remove, or replace address group members. Reads current members first and defaults to dry_run=true. |
| fortigate_delete_address_groupA | Safely delete a firewall address group. Reads the current object first and defaults to dry_run=true. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/PeerapolSelanon/fortigate-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server