Fortinet black logo

CLI Reference

config router access-list

config router access-list

Configure access lists.

config router access-list
    Description: Configure access lists.
    edit <name>
        set comments {string}
        config rule
            Description: Rule.
            edit <id>
                set action [permit|deny]
                set prefix {user}
                set wildcard {user}
                set exact-match [enable|disable]
                set flags {integer}
            next
        end
    next
end

config router access-list

Parameter

Description

Type

Size

Default

comments

Comment.

string

Maximum length: 127

name

Name.

string

Maximum length: 35

config rule

Parameter

Description

Type

Size

Default

id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

action

Permit or deny this IP address and netmask prefix.

option

-

permit

Option

Description

permit

Permit or allow this IP address and netmask prefix.

deny

Deny this IP address and netmask prefix.

prefix

IPv4 prefix to define regular filter criteria, such as "any" or subnets.

user

Not Specified

wildcard

Wildcard to define Cisco-style wildcard filter criteria.

user

Not Specified

exact-match

Enable/disable exact match.

option

-

disable

Option

Description

enable

Enable exact match.

disable

Disable exact match.

flags

Flags.

integer

Minimum value: 0 Maximum value: 4294967295

0

config router access-list

Configure access lists.

config router access-list
    Description: Configure access lists.
    edit <name>
        set comments {string}
        config rule
            Description: Rule.
            edit <id>
                set action [permit|deny]
                set prefix {user}
                set wildcard {user}
                set exact-match [enable|disable]
                set flags {integer}
            next
        end
    next
end

config router access-list

Parameter

Description

Type

Size

Default

comments

Comment.

string

Maximum length: 127

name

Name.

string

Maximum length: 35

config rule

Parameter

Description

Type

Size

Default

id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

action

Permit or deny this IP address and netmask prefix.

option

-

permit

Option

Description

permit

Permit or allow this IP address and netmask prefix.

deny

Deny this IP address and netmask prefix.

prefix

IPv4 prefix to define regular filter criteria, such as "any" or subnets.

user

Not Specified

wildcard

Wildcard to define Cisco-style wildcard filter criteria.

user

Not Specified

exact-match

Enable/disable exact match.

option

-

disable

Option

Description

enable

Enable exact match.

disable

Disable exact match.

flags

Flags.

integer

Minimum value: 0 Maximum value: 4294967295

0