Fortinet black logo

CLI Reference

firewall ippool

Configure IPv4 IP pools.

  config firewall ippool
      Description: Configure IPv4 IP pools.
      edit <name>
          set type [overload|one-to-one|...]
          set startip {ipv4-address-any}
          set endip {ipv4-address-any}
          set source-startip {ipv4-address-any}
          set source-endip {ipv4-address-any}
          set block-size {integer}
          set num-blocks-per-user {integer}
          set pba-timeout {integer}
          set permit-any-host [disable|enable]
          set arp-reply [disable|enable]
          set arp-intf {string}
          set associated-interface {string}
          set comments {var-string}
      next
  end

config firewall ippool

Parameter Name Description Type Size
type IP pool type (overload, one-to-one, fixed port range, or port block allocation).
overload: IP addresses in the IP pool can be shared by clients.
one-to-one: One to one mapping.
fixed-port-range: Fixed port range.
port-block-allocation: Port block allocation.
option -
startip First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
endip Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
source-startip First IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
source-endip Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
block-size Number of addresses in a block (64 to 4096, default = 128). integer Minimum value: 64 Maximum value: 4096
num-blocks-per-user Number of addresses blocks that can be used by a user (1 to 128, default = 8). integer Minimum value: 1 Maximum value: 128
pba-timeout Port block allocation timeout (seconds). integer Minimum value: 3 Maximum value: 300
permit-any-host Enable/disable full cone NAT.
disable: Disable full cone NAT.
enable: Enable full cone NAT.
option -
arp-reply Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable).
disable: Disable ARP reply.
enable: Enable ARP reply.
option -
arp-intf Select an interface from available options that will reply to ARP requests. (If blank, any is selected). string Maximum length: 15
associated-interface Associated interface name. string Maximum length: 15
comments Comment. var-string Maximum length: 255

Configure IPv4 IP pools.

  config firewall ippool
      Description: Configure IPv4 IP pools.
      edit <name>
          set type [overload|one-to-one|...]
          set startip {ipv4-address-any}
          set endip {ipv4-address-any}
          set source-startip {ipv4-address-any}
          set source-endip {ipv4-address-any}
          set block-size {integer}
          set num-blocks-per-user {integer}
          set pba-timeout {integer}
          set permit-any-host [disable|enable]
          set arp-reply [disable|enable]
          set arp-intf {string}
          set associated-interface {string}
          set comments {var-string}
      next
  end

config firewall ippool

Parameter Name Description Type Size
type IP pool type (overload, one-to-one, fixed port range, or port block allocation).
overload: IP addresses in the IP pool can be shared by clients.
one-to-one: One to one mapping.
fixed-port-range: Fixed port range.
port-block-allocation: Port block allocation.
option -
startip First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
endip Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
source-startip First IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
source-endip Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). ipv4-address-any Not Specified
block-size Number of addresses in a block (64 to 4096, default = 128). integer Minimum value: 64 Maximum value: 4096
num-blocks-per-user Number of addresses blocks that can be used by a user (1 to 128, default = 8). integer Minimum value: 1 Maximum value: 128
pba-timeout Port block allocation timeout (seconds). integer Minimum value: 3 Maximum value: 300
permit-any-host Enable/disable full cone NAT.
disable: Disable full cone NAT.
enable: Enable full cone NAT.
option -
arp-reply Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable).
disable: Disable ARP reply.
enable: Enable ARP reply.
option -
arp-intf Select an interface from available options that will reply to ARP requests. (If blank, any is selected). string Maximum length: 15
associated-interface Associated interface name. string Maximum length: 15
comments Comment. var-string Maximum length: 255