Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.

  config system zone
      Description: Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.
      edit <name>
          config tagging
              Description: Config object tagging.
              edit <name>
                  set category {string}
                  set tags <name1>, <name2>, ...
              next
          end
          set description {string}
          set intrazone [allow|deny]
          set interface <interface-name1>, <interface-name2>, ...
      next
  end

config system zone

Parameter Name Description Type Size
description Description. string Maximum length: 127
intrazone Allow or deny traffic routing between different interfaces in the same zone (default = deny).
allow: Allow traffic between interfaces in the zone.
deny: Deny traffic between interfaces in the zone.
option -
interface <interface-name> Add interfaces to this zone. Interfaces must not be assigned to another zone or have firewall policies defined.
Select interfaces to add to the zone.
string Maximum length: 79

config tagging

Parameter Name Description Type Size
category Tag category. string Maximum length: 63
tags <name> Tags.
Tag name.
string Maximum length: 79

Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.

  config system zone
      Description: Configure zones to group two or more interfaces. When a zone is created you can configure policies for the zone instead of individual interfaces in the zone.
      edit <name>
          config tagging
              Description: Config object tagging.
              edit <name>
                  set category {string}
                  set tags <name1>, <name2>, ...
              next
          end
          set description {string}
          set intrazone [allow|deny]
          set interface <interface-name1>, <interface-name2>, ...
      next
  end

config system zone

Parameter Name Description Type Size
description Description. string Maximum length: 127
intrazone Allow or deny traffic routing between different interfaces in the same zone (default = deny).
allow: Allow traffic between interfaces in the zone.
deny: Deny traffic between interfaces in the zone.
option -
interface <interface-name> Add interfaces to this zone. Interfaces must not be assigned to another zone or have firewall policies defined.
Select interfaces to add to the zone.
string Maximum length: 79

config tagging

Parameter Name Description Type Size
category Tag category. string Maximum length: 63
tags <name> Tags.
Tag name.
string Maximum length: 79