Fortinet black logo

CLI Reference

config firewall multicast-policy

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

status

Enable/disable this policy.

option

-

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Not Specified

dstintf

Destination interface name.

string

Not Specified

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

action

Accept or deny traffic matching the policy.

option

-

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

status

Enable/disable this policy.

option

-

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Not Specified

dstintf

Destination interface name.

string

Not Specified

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

action

Accept or deny traffic matching the policy.

option

-

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.