Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.6
Download PDF
Copy Link

user device-access-list

Use this command to configure device lists for use on interfaces with device identification enabled.

config user device-access-list
    edit {name}
    # Configure device access control lists.
        set name {string}   Device access list name. size[35]
        set default-action {accept | deny}   Accept or deny unknown/unspecified devices.
                accept  Accept.
                deny    Deny.
        config device-list
            edit {id}
            # Device list.
                set id {integer}   Entry ID. range[0-4294967295]
                set device {string}   Firewall device or device group. size[35] - datasource(s): user.device.alias,user.device-group.name,user.device-category.name
                set action {accept | deny}   Allow or block device.
                        accept  Accept.
                        deny    Deny.
            next
    next
end

Additional information

The following section is for those options that require additional explanation.

action {accept | deny}

Accept (by default) or deny the device.

config device-list

A configuration method to create device name entries and define their action.

default-action {accept | deny}

Select whether to accept (by default) or deny unknown/unspecified devices.

device <device-group>

Enter the firewall device or device group.

user device-access-list

Use this command to configure device lists for use on interfaces with device identification enabled.

config user device-access-list
    edit {name}
    # Configure device access control lists.
        set name {string}   Device access list name. size[35]
        set default-action {accept | deny}   Accept or deny unknown/unspecified devices.
                accept  Accept.
                deny    Deny.
        config device-list
            edit {id}
            # Device list.
                set id {integer}   Entry ID. range[0-4294967295]
                set device {string}   Firewall device or device group. size[35] - datasource(s): user.device.alias,user.device-group.name,user.device-category.name
                set action {accept | deny}   Allow or block device.
                        accept  Accept.
                        deny    Deny.
            next
    next
end

Additional information

The following section is for those options that require additional explanation.

action {accept | deny}

Accept (by default) or deny the device.

config device-list

A configuration method to create device name entries and define their action.

default-action {accept | deny}

Select whether to accept (by default) or deny unknown/unspecified devices.

device <device-group>

Enter the firewall device or device group.