Fortinet Document Library

Version:

Version:


Table of Contents

Handbook

Download PDF
Copy Link

Managing ISP address books

ISP address books contain IP subnet addresses and associated province location settings for ISP links.

The following policies use the ISP address book objects:

  • ISP routes
  • LLB proximity routes
  • LLB policies
  • GLB data center configuration

The province setting is used in GLB deployments in China to enable location awareness that is province-specific. For example, a user can be directed to a data center in specific location inside the country, such as Beijing or Guangdong, rather than simply China.

ISP address book types shows the three types of address book entries:

  • Predefined—Addresses and associated province location settings for China Mobile, China Telecom, and China Unicom. The IP subnet addresses in the predefined address books are not exposed in the user interface. The predefined package is provided to make it easier for you to configure a route when all you know and all you need to know is the name of the ISP that hosts the link.
  • Restored—Addresses imported from a text file. The IP subnet addresses in the restored address books are not exposed in the user interface. “Restored” addresses can help you rapidly build an ISP address book configuration. “Restored” addresses can help you rapidly build an ISP address book configuration.
  • User-defined—In the ISP address configuration, you can modify the predefined and restored address books by specifying subnets to add or exclude from them. This gives you flexibility in case you encounter address conflicts or the ISP instructs you to add a subnet address manually.

You can also create new user-defined entries for other ISPs.

Note: In systems with multiple VDOMs, these commands apply to the current VDOM only. In other words, if you configure an exclusion, it is applicable to the current VDOM only; it does not change the predefined address book.

You can use the Inquire utility to see whether an IP address belongs to any of the address books. If an address can be found in more than one address book, the results are returned in the following priority:

  1. User-defined
  2. Restored
  3. Predefined

ISP address book types

The text file for the Restored entries has the following format:

#this is a comment line

ISP name:ABC

Province:Beijing

1.1.1.0/24

Province:Unknown

2.2.0.0 255.255.0.0

#this is a comment line too

3.3.3.3/32

ISP name:DEF

Province:Shanghai

4.4.4.0 255.255.255.0

5.5.0.0/16

 

You use the Restore utility to import the file and the Back Up utility to export it.

You use the Clean utility to erase entries that were imported from the text file. The clean operation does not affect the predefined addresses or user-configured entries. If a restored entry has user-configured elements (for example, an exclude list), the clean operation clears the addresses but preserves the configuration and converts it to a user-defined type.

Basic Steps
  1. Create ISP address objects.
  2. Select them when you configure your policies.

Note: Before you begin, you must have read-write permission for System settings.

Create an ISP address book object

To create an ISP address book object:
  1. Click Shared Resource > Address.
  2. Click the ISP Address tab.
  3. Click Create New. The ISP Address dialog opens.
  4. Complete the configuration as described in ISP address object configuration.
  5. Click Save.

ISP address object configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

After you initially save the configuration, you cannot edit the name.

Address

Address/mask notation specifying a subnet to add it to the address book entry.

Excluded Address

Address/mask notation specifying a subnet to be excluded from the address book entry. Create exclusions to predefined and restored address books only.

Note: This field applies to predefined and restored address books only; it is not applicable or available for user-defined address books.

Province

 

Select the associated province location. The configuration supports the following selections:

Anhui

Beijing

Chongqing

Fujian

Gansu

Guangdong

Guangxi

Guizhou

Hainan

Hebei

Heilongjiang

Henan

Hubei

Hunan

Jiangsu

Jiangxi

Jilin Liaoning

Neimenggu

Ningxia

Qinghai

Shandong

Shanghai

Shanxi (Taiyuan)

Shanxi (Xian)

Sichuan

Tianjin

Xianggang

Xinjiang

Xizang

Yunnan

Zhejiang

Unknown

Managing ISP address books

ISP address books contain IP subnet addresses and associated province location settings for ISP links.

The following policies use the ISP address book objects:

  • ISP routes
  • LLB proximity routes
  • LLB policies
  • GLB data center configuration

The province setting is used in GLB deployments in China to enable location awareness that is province-specific. For example, a user can be directed to a data center in specific location inside the country, such as Beijing or Guangdong, rather than simply China.

ISP address book types shows the three types of address book entries:

  • Predefined—Addresses and associated province location settings for China Mobile, China Telecom, and China Unicom. The IP subnet addresses in the predefined address books are not exposed in the user interface. The predefined package is provided to make it easier for you to configure a route when all you know and all you need to know is the name of the ISP that hosts the link.
  • Restored—Addresses imported from a text file. The IP subnet addresses in the restored address books are not exposed in the user interface. “Restored” addresses can help you rapidly build an ISP address book configuration. “Restored” addresses can help you rapidly build an ISP address book configuration.
  • User-defined—In the ISP address configuration, you can modify the predefined and restored address books by specifying subnets to add or exclude from them. This gives you flexibility in case you encounter address conflicts or the ISP instructs you to add a subnet address manually.

You can also create new user-defined entries for other ISPs.

Note: In systems with multiple VDOMs, these commands apply to the current VDOM only. In other words, if you configure an exclusion, it is applicable to the current VDOM only; it does not change the predefined address book.

You can use the Inquire utility to see whether an IP address belongs to any of the address books. If an address can be found in more than one address book, the results are returned in the following priority:

  1. User-defined
  2. Restored
  3. Predefined

ISP address book types

The text file for the Restored entries has the following format:

#this is a comment line

ISP name:ABC

Province:Beijing

1.1.1.0/24

Province:Unknown

2.2.0.0 255.255.0.0

#this is a comment line too

3.3.3.3/32

ISP name:DEF

Province:Shanghai

4.4.4.0 255.255.255.0

5.5.0.0/16

 

You use the Restore utility to import the file and the Back Up utility to export it.

You use the Clean utility to erase entries that were imported from the text file. The clean operation does not affect the predefined addresses or user-configured entries. If a restored entry has user-configured elements (for example, an exclude list), the clean operation clears the addresses but preserves the configuration and converts it to a user-defined type.

Basic Steps
  1. Create ISP address objects.
  2. Select them when you configure your policies.

Note: Before you begin, you must have read-write permission for System settings.

Create an ISP address book object

To create an ISP address book object:
  1. Click Shared Resource > Address.
  2. Click the ISP Address tab.
  3. Click Create New. The ISP Address dialog opens.
  4. Complete the configuration as described in ISP address object configuration.
  5. Click Save.

ISP address object configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.

After you initially save the configuration, you cannot edit the name.

Address

Address/mask notation specifying a subnet to add it to the address book entry.

Excluded Address

Address/mask notation specifying a subnet to be excluded from the address book entry. Create exclusions to predefined and restored address books only.

Note: This field applies to predefined and restored address books only; it is not applicable or available for user-defined address books.

Province

 

Select the associated province location. The configuration supports the following selections:

Anhui

Beijing

Chongqing

Fujian

Gansu

Guangdong

Guangxi

Guizhou

Hainan

Hebei

Heilongjiang

Henan

Hubei

Hunan

Jiangsu

Jiangxi

Jilin Liaoning

Neimenggu

Ningxia

Qinghai

Shandong

Shanghai

Shanxi (Taiyuan)

Shanxi (Xian)

Sichuan

Tianjin

Xianggang

Xinjiang

Xizang

Yunnan

Zhejiang

Unknown