Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config firewall policy46

Configure IPv4 to IPv6 policies.

config firewall policy46

Description: Configure IPv4 to IPv6 policies.

edit <policyid>

set permit-any-host [enable|disable]

set uuid {uuid}

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set action [accept|deny]

set status [enable|disable]

set schedule {string}

set service <name1>, <name2>, ...

set logtraffic [enable|disable]

set logtraffic-start [enable|disable]

set traffic-shaper {string}

set traffic-shaper-reverse {string}

set per-ip-shaper {string}

set fixedport [enable|disable]

set tcp-mss-sender {integer}

set tcp-mss-receiver {integer}

set comments {var-string}

set ippool [enable|disable]

set poolname <name1>, <name2>, ...

next

end

config firewall policy46

Parameter

Description

Type

Size

permit-any-host

Enable/disable allowing any host.

option

-

 

Option

Description

enable

Allow any host.

disable

Do not allow any host.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Address name.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Address name.

string

Maximum length: 79

action

Accept or deny traffic matching the policy.

option

-

 

Option

Description

accept

Accept matching traffic.

deny

Deny matching traffic.

status

Enable/disable this policy.

option

-

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

schedule

Schedule name.

string

Maximum length: 35

service <name>

Service name.

Service name.

string

Maximum length: 79

logtraffic

Enable/disable traffic logging for this policy.

option

-

 

Option

Description

enable

Enable traffic logging.

disable

Disable traffic logging.

logtraffic-start

Record logs when a session starts and ends.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

traffic-shaper

Traffic shaper.

string

Maximum length: 35

traffic-shaper-reverse

Reverse traffic shaper.

string

Maximum length: 35

per-ip-shaper

Per IP traffic shaper.

string

Maximum length: 35

fixedport

Enable/disable fixed port for this policy.

option

-

 

Option

Description

enable

Enable fixed port for this policy.

disable

Disable fixed port for this policy.

tcp-mss-sender

TCP Maximum Segment Size value of sender .

integer

Minimum value: 0 Maximum value: 65535

tcp-mss-receiver

TCP Maximum Segment Size value of receiver

integer

Minimum value: 0 Maximum value: 65535

comments

Comment.

var-string

Maximum length: 1023

ippool

Enable/disable use of IP Pools for source NAT.

option

-

 

Option

Description

enable

Enable use of IP Pools for source NAT.

disable

Disable use of IP Pools for source NAT.

poolname <name>

IP Pool names.

IP pool name.

string

Maximum length: 79

config firewall policy46

Configure IPv4 to IPv6 policies.

config firewall policy46

Description: Configure IPv4 to IPv6 policies.

edit <policyid>

set permit-any-host [enable|disable]

set uuid {uuid}

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set action [accept|deny]

set status [enable|disable]

set schedule {string}

set service <name1>, <name2>, ...

set logtraffic [enable|disable]

set logtraffic-start [enable|disable]

set traffic-shaper {string}

set traffic-shaper-reverse {string}

set per-ip-shaper {string}

set fixedport [enable|disable]

set tcp-mss-sender {integer}

set tcp-mss-receiver {integer}

set comments {var-string}

set ippool [enable|disable]

set poolname <name1>, <name2>, ...

next

end

config firewall policy46

Parameter

Description

Type

Size

permit-any-host

Enable/disable allowing any host.

option

-

 

Option

Description

enable

Allow any host.

disable

Do not allow any host.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Address name.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Address name.

string

Maximum length: 79

action

Accept or deny traffic matching the policy.

option

-

 

Option

Description

accept

Accept matching traffic.

deny

Deny matching traffic.

status

Enable/disable this policy.

option

-

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

schedule

Schedule name.

string

Maximum length: 35

service <name>

Service name.

Service name.

string

Maximum length: 79

logtraffic

Enable/disable traffic logging for this policy.

option

-

 

Option

Description

enable

Enable traffic logging.

disable

Disable traffic logging.

logtraffic-start

Record logs when a session starts and ends.

option

-

 

Option

Description

enable

Enable setting.

disable

Disable setting.

traffic-shaper

Traffic shaper.

string

Maximum length: 35

traffic-shaper-reverse

Reverse traffic shaper.

string

Maximum length: 35

per-ip-shaper

Per IP traffic shaper.

string

Maximum length: 35

fixedport

Enable/disable fixed port for this policy.

option

-

 

Option

Description

enable

Enable fixed port for this policy.

disable

Disable fixed port for this policy.

tcp-mss-sender

TCP Maximum Segment Size value of sender .

integer

Minimum value: 0 Maximum value: 65535

tcp-mss-receiver

TCP Maximum Segment Size value of receiver

integer

Minimum value: 0 Maximum value: 65535

comments

Comment.

var-string

Maximum length: 1023

ippool

Enable/disable use of IP Pools for source NAT.

option

-

 

Option

Description

enable

Enable use of IP Pools for source NAT.

disable

Disable use of IP Pools for source NAT.

poolname <name>

IP Pool names.

IP pool name.

string

Maximum length: 79