Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.0
Download PDF
Copy Link

firewall {multicast-address | multicast-address6}

Use this command to configure multicast firewall addresses used in firewall multicast policies. Addresses, address groups, and Virtual IPs must have unique names to avoid confusion in firewall policies. If an address is selected in a policy, it cannot be deleted until it is deselected from the policy.

config firewall multicast-address
    edit {name}
    # Configure multicast addresses.
        set name {string}   Multicast address name. size[63]
        set type {multicastrange | broadcastmask}   Type of address object: multicast IP address range or broadcast IP/mask to be treated as a multicast address.
                multicastrange  Multicast range.
                broadcastmask   Broadcast IP/mask.
        set subnet {ipv4 classnet any}   Broadcast address and subnet.
        set start-ip {ipv4 address any}   First IPv4 address (inclusive) in the range for the address.
        set end-ip {ipv4 address any}   Final IPv4 address (inclusive) in the range for the address.
        set comment {string}   Comment. size[255]
        set visibility {enable | disable}   Enable/disable visibility of the multicast address on the GUI.
        set associated-interface {string}   Interface associated with the address object. When setting up a policy, only addresses associated with this interface are available. size[35] - datasource(s): system.interface.name
        set color {integer}   Integer value to determine the color of the icon in the GUI (1 - 32, default = 0, which sets value to 1). range[0-32]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
    next
end
config firewall multicast-address6
    edit {name}
    # Configure IPv6 multicast address.
        set name {string}   IPv6 multicast address name. size[63]
        set ip6 {ipv6 network}   IPv6 address prefix (format: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx).
        set comment {string}   Comment. size[255]
        set visibility {enable | disable}   Enable/disable visibility of the IPv6 multicast address on the GUI.
        set color {integer}   Color of icon on the GUI. range[0-32]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
    next
end

Additional information

The following section is for those options that require additional explanation.

firewall {multicast-address | multicast-address6}

Use this command to configure multicast firewall addresses used in firewall multicast policies. Addresses, address groups, and Virtual IPs must have unique names to avoid confusion in firewall policies. If an address is selected in a policy, it cannot be deleted until it is deselected from the policy.

config firewall multicast-address
    edit {name}
    # Configure multicast addresses.
        set name {string}   Multicast address name. size[63]
        set type {multicastrange | broadcastmask}   Type of address object: multicast IP address range or broadcast IP/mask to be treated as a multicast address.
                multicastrange  Multicast range.
                broadcastmask   Broadcast IP/mask.
        set subnet {ipv4 classnet any}   Broadcast address and subnet.
        set start-ip {ipv4 address any}   First IPv4 address (inclusive) in the range for the address.
        set end-ip {ipv4 address any}   Final IPv4 address (inclusive) in the range for the address.
        set comment {string}   Comment. size[255]
        set visibility {enable | disable}   Enable/disable visibility of the multicast address on the GUI.
        set associated-interface {string}   Interface associated with the address object. When setting up a policy, only addresses associated with this interface are available. size[35] - datasource(s): system.interface.name
        set color {integer}   Integer value to determine the color of the icon in the GUI (1 - 32, default = 0, which sets value to 1). range[0-32]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
    next
end
config firewall multicast-address6
    edit {name}
    # Configure IPv6 multicast address.
        set name {string}   IPv6 multicast address name. size[63]
        set ip6 {ipv6 network}   IPv6 address prefix (format: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx).
        set comment {string}   Comment. size[255]
        set visibility {enable | disable}   Enable/disable visibility of the IPv6 multicast address on the GUI.
        set color {integer}   Color of icon on the GUI. range[0-32]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
    next
end

Additional information

The following section is for those options that require additional explanation.