Fortinet black logo

CLI Reference

Home FortiGate / FortiOS 6.2.14 CLI Reference

config firewall address

6.2.14
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.0.0
5.6.0
5.4.0
5.2.0
5.0.0
Copy Link
Copy Doc ID 7d94702c-d961-11ed-8e6d-fa163e15d75b:233620
Download PDF

config firewall address

Configure IPv4 addresses.

config firewall address
    Description: Configure IPv4 addresses.
    edit <name>
        set allow-routing [enable|disable]
        set associated-interface {string}
        set cache-ttl {integer}
        set clearpass-spt [unknown|healthy|...]
        set color {integer}
        set comment {var-string}
        set country {string}
        set end-ip {ipv4-address-any}
        set end-mac {mac-address}
        set epg-name {string}
        set filter {var-string}
        set fqdn {string}
        set fsso-group <name1>, <name2>, ...
        set interface {string}
        config list
            Description: IP address list.
            edit <ip>
            next
        end
        set obj-id {var-string}
        set organization {string}
        set policy-group {string}
        set sdn {string}
        set sdn-addr-type [private|public|...]
        set sdn-tag {string}
        set start-ip {ipv4-address-any}
        set start-mac {mac-address}
        set sub-type [sdn|clearpass-spt|...]
        set subnet {ipv4-classnet-any}
        set subnet-name {string}
        config tagging
            Description: Config object tagging.
            edit <name>
                set category {string}
                set tags <name1>, <name2>, ...
            next
        end
        set tenant {string}
        set type [ipmask|iprange|...]
        set uuid {uuid}
        set visibility [enable|disable]
        set wildcard {ipv4-classnet-any}
        set wildcard-fqdn {string}
    next
end

config firewall address

Parameter

Description

Type

Size

allow-routing

Enable/disable use of this address in the static route configuration.

option

-

Option

Description

enable

Enable use of this address in the static route configuration.

disable

Disable use of this address in the static route configuration.

associated-interface

Network interface associated with address.

string

Maximum length: 35

cache-ttl

Defines the minimal TTL of individual IP addresses in FQDN cache measured in seconds.

integer

Minimum value: 0 Maximum value: 86400

clearpass-spt

SPT (System Posture Token) value.

option

-

Option

Description

unknown

UNKNOWN.

healthy

HEALTHY.

quarantine

QUARANTINE.

checkup

CHECKUP.

transient

TRANSIENT.

infected

INFECTED.

color

Color of icon on the GUI.

integer

Minimum value: 0 Maximum value: 32

comment

Comment.

var-string

Maximum length: 255

country

IP addresses associated to a specific country.

string

Maximum length: 2

end-ip

Final IP address (inclusive) in the range for the address.

ipv4-address-any

Not Specified

end-mac

Last MAC address in the range.

mac-address

Not Specified

epg-name

Endpoint group name.

string

Maximum length: 255

filter

Match criteria filter.

var-string

Maximum length: 2047

fqdn

Fully Qualified Domain Name address.

string

Maximum length: 255

fsso-group <name>

FSSO group(s).

FSSO group name.

string

Maximum length: 511

interface

Name of interface whose IP address is to be used.

string

Maximum length: 35

name

Address name.

string

Maximum length: 79

obj-id

Object ID for NSX.

var-string

Maximum length: 255

organization

Organization domain name (Syntax: organization/domain).

string

Maximum length: 35

policy-group

Policy group name.

string

Maximum length: 15

sdn

SDN.

string

Maximum length: 35

sdn-addr-type

Type of addresses to collect.

option

-

Option

Description

private

Collect private addresses only.

public

Collect public addresses only.

all

Collect both public and private addresses.

sdn-tag

SDN Tag.

string

Maximum length: 15

start-ip

First IP address (inclusive) in the range for the address.

ipv4-address-any

Not Specified

start-mac

First MAC address in the range.

mac-address

Not Specified

sub-type

Sub-type of address.

option

-

Option

Description

sdn

SDN address.

clearpass-spt

ClearPass SPT (System Posture Token) address.

fsso

FSSO address.

subnet

IP address and subnet mask of address.

ipv4-classnet-any

Not Specified

subnet-name

Subnet name.

string

Maximum length: 255

tenant

Tenant.

string

Maximum length: 35

type

Type of address.

option

-

Option

Description

ipmask

Standard IPv4 address with subnet mask.

iprange

Range of IPv4 addresses between two specified addresses (inclusive).

fqdn

Fully Qualified Domain Name address.

geography

IP addresses from a specified country.

wildcard

Standard IPv4 using a wildcard subnet mask.

dynamic

Dynamic address object.

interface-subnet

IP and subnet of interface.

mac

Range of MAC addresses.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

visibility

Enable/disable address visibility in the GUI.

option

-

Option

Description

enable

Show in address4 selection.

disable

Hide from address4 selection.

wildcard

IP address and wildcard netmask.

ipv4-classnet-any

Not Specified

wildcard-fqdn

Fully Qualified Domain Name with wildcard characters.

string

Maximum length: 255

config list

Parameter

Description

Type

Size

ip

IP.

string

Maximum length: 35

config tagging

Parameter

Description

Type

Size

name

Tagging entry name.

string

Maximum length: 63

category

Tag category.

string

Maximum length: 63

tags <name>

Tags.

Tag name.

string

Maximum length: 79
Previous
Next

config firewall address

Configure IPv4 addresses.

config firewall address
    Description: Configure IPv4 addresses.
    edit <name>
        set allow-routing [enable|disable]
        set associated-interface {string}
        set cache-ttl {integer}
        set clearpass-spt [unknown|healthy|...]
        set color {integer}
        set comment {var-string}
        set country {string}
        set end-ip {ipv4-address-any}
        set end-mac {mac-address}
        set epg-name {string}
        set filter {var-string}
        set fqdn {string}
        set fsso-group <name1>, <name2>, ...
        set interface {string}
        config list
            Description: IP address list.
            edit <ip>
            next
        end
        set obj-id {var-string}
        set organization {string}
        set policy-group {string}
        set sdn {string}
        set sdn-addr-type [private|public|...]
        set sdn-tag {string}
        set start-ip {ipv4-address-any}
        set start-mac {mac-address}
        set sub-type [sdn|clearpass-spt|...]
        set subnet {ipv4-classnet-any}
        set subnet-name {string}
        config tagging
            Description: Config object tagging.
            edit <name>
                set category {string}
                set tags <name1>, <name2>, ...
            next
        end
        set tenant {string}
        set type [ipmask|iprange|...]
        set uuid {uuid}
        set visibility [enable|disable]
        set wildcard {ipv4-classnet-any}
        set wildcard-fqdn {string}
    next
end

config firewall address

Parameter

Description

Type

Size

allow-routing

Enable/disable use of this address in the static route configuration.

option

-

Option

Description

enable

Enable use of this address in the static route configuration.

disable

Disable use of this address in the static route configuration.

associated-interface

Network interface associated with address.

string

Maximum length: 35

cache-ttl

Defines the minimal TTL of individual IP addresses in FQDN cache measured in seconds.

integer

Minimum value: 0 Maximum value: 86400

clearpass-spt

SPT (System Posture Token) value.

option

-

Option

Description

unknown

UNKNOWN.

healthy

HEALTHY.

quarantine

QUARANTINE.

checkup

CHECKUP.

transient

TRANSIENT.

infected

INFECTED.

color

Color of icon on the GUI.

integer

Minimum value: 0 Maximum value: 32

comment

Comment.

var-string

Maximum length: 255

country

IP addresses associated to a specific country.

string

Maximum length: 2

end-ip

Final IP address (inclusive) in the range for the address.

ipv4-address-any

Not Specified

end-mac

Last MAC address in the range.

mac-address

Not Specified

epg-name

Endpoint group name.

string

Maximum length: 255

filter

Match criteria filter.

var-string

Maximum length: 2047

fqdn

Fully Qualified Domain Name address.

string

Maximum length: 255

fsso-group <name>

FSSO group(s).

FSSO group name.

string

Maximum length: 511

interface

Name of interface whose IP address is to be used.

string

Maximum length: 35

name

Address name.

string

Maximum length: 79

obj-id

Object ID for NSX.

var-string

Maximum length: 255

organization

Organization domain name (Syntax: organization/domain).

string

Maximum length: 35

policy-group

Policy group name.

string

Maximum length: 15

sdn

SDN.

string

Maximum length: 35

sdn-addr-type

Type of addresses to collect.

option

-

Option

Description

private

Collect private addresses only.

public

Collect public addresses only.

all

Collect both public and private addresses.

sdn-tag

SDN Tag.

string

Maximum length: 15

start-ip

First IP address (inclusive) in the range for the address.

ipv4-address-any

Not Specified

start-mac

First MAC address in the range.

mac-address

Not Specified

sub-type

Sub-type of address.

option

-

Option

Description

sdn

SDN address.

clearpass-spt

ClearPass SPT (System Posture Token) address.

fsso

FSSO address.

subnet

IP address and subnet mask of address.

ipv4-classnet-any

Not Specified

subnet-name

Subnet name.

string

Maximum length: 255

tenant

Tenant.

string

Maximum length: 35

type

Type of address.

option

-

Option

Description

ipmask

Standard IPv4 address with subnet mask.

iprange

Range of IPv4 addresses between two specified addresses (inclusive).

fqdn

Fully Qualified Domain Name address.

geography

IP addresses from a specified country.

wildcard

Standard IPv4 using a wildcard subnet mask.

dynamic

Dynamic address object.

interface-subnet

IP and subnet of interface.

mac

Range of MAC addresses.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

visibility

Enable/disable address visibility in the GUI.

option

-

Option

Description

enable

Show in address4 selection.

disable

Hide from address4 selection.

wildcard

IP address and wildcard netmask.

ipv4-classnet-any

Not Specified

wildcard-fqdn

Fully Qualified Domain Name with wildcard characters.

string

Maximum length: 255

config list

Parameter

Description

Type

Size

ip

IP.

string

Maximum length: 35

config tagging

Parameter

Description

Type

Size

name

Tagging entry name.

string

Maximum length: 63

category

Tag category.

string

Maximum length: 63

tags <name>

Tags.

Tag name.

string

Maximum length: 79
Previous
Next