Fortinet black logo

CLI Reference

system zone

system zone

Introduction.

config system zone
    edit {name}
    # Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.
        set name {string}   Zone name. size[35]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
        set intrazone {allow | deny}   Allow or deny traffic routing between different interfaces in the same zone (default = deny).
                allow  Allow traffic between interfaces in the zone.
                deny   Deny traffic between interfaces in the zone.
        config interface
            edit {interface-name}
            # Add interfaces to this zone. Interfaces must not be assigned to another zone or have firewall policies defined.
                set interface-name {string}   Select two or more interfaces to add to the zone. size[64] - datasource(s): system.interface.name
            next
    next
end

system zone

Introduction.

config system zone
    edit {name}
    # Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.
        set name {string}   Zone name. size[35]
        config tagging
            edit {name}
            # Config object tagging.
                set name {string}   Tagging entry name. size[63]
                set category {string}   Tag category. size[63] - datasource(s): system.object-tagging.category
                config tags
                    edit {name}
                    # Tags.
                        set name {string}   Tag name. size[64] - datasource(s): system.object-tagging.tags.name
                    next
            next
        set intrazone {allow | deny}   Allow or deny traffic routing between different interfaces in the same zone (default = deny).
                allow  Allow traffic between interfaces in the zone.
                deny   Deny traffic between interfaces in the zone.
        config interface
            edit {interface-name}
            # Add interfaces to this zone. Interfaces must not be assigned to another zone or have firewall policies defined.
                set interface-name {string}   Select two or more interfaces to add to the zone. size[64] - datasource(s): system.interface.name
            next
    next
end