Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter name

Description

Type

Size

status

Enable/disable this policy.

option

-

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

 

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

 

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

action

Accept or deny traffic matching the policy.

option

-

 

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA (0 - 255, default = 0).

integer

Minimum value: 0 Maximum value: 255

start-port

Integer value for starting TCP/UDP/SCTP destination port in range (1 - 65535, default = 1).

integer

Minimum value: 0 Maximum value: 65535

end-port

Integer value for ending TCP/UDP/SCTP destination port in range (1 - 65535, default = 1).

integer

Minimum value: 0 Maximum value: 65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

 

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter name

Description

Type

Size

status

Enable/disable this policy.

option

-

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

 

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

 

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

action

Accept or deny traffic matching the policy.

option

-

 

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA (0 - 255, default = 0).

integer

Minimum value: 0 Maximum value: 255

start-port

Integer value for starting TCP/UDP/SCTP destination port in range (1 - 65535, default = 1).

integer

Minimum value: 0 Maximum value: 65535

end-port

Integer value for ending TCP/UDP/SCTP destination port in range (1 - 65535, default = 1).

integer

Minimum value: 0 Maximum value: 65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

 

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.