Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config wireless-controller access-control-list

Configure WiFi bridge access control list.

config wireless-controller access-control-list

Description: Configure WiFi bridge access control list.

edit <name>

set comment {string}

config layer3-ipv4-rules

Description: AP ACL layer3 ipv4 rule list.

edit <rule-id>

set comment {string}

set srcaddr {user}

set srcport {integer}

set dstaddr {user}

set dstport {integer}

set protocol {integer}

set action [allow|deny]

next

end

config layer3-ipv6-rules

Description: AP ACL layer3 ipv6 rule list.

edit <rule-id>

set comment {string}

set srcaddr {user}

set srcport {integer}

set dstaddr {user}

set dstport {integer}

set protocol {integer}

set action [allow|deny]

next

end

next

end

config wireless-controller access-control-list

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

config layer3-ipv4-rules

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

srcaddr

Source IP address (any | local-LAN | IPv4 address[/<network mask | mask length>], default = any).

user

Not Specified

srcport

Source port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

dstaddr

Destination IP address (any | local-LAN | IPv4 address[/<network mask | mask length>], default = any).

user

Not Specified

dstport

Destination port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

protocol

Protocol type as defined by IANA (0 - 255, default = 255, meaning any).

integer

Minimum value: 0 Maximum value: 255

255

action

Policy action (allow | deny).

option

-

 

Option

Description

allow

Allows traffic matching the policy.

deny

Blocks traffic matching the policy.

config layer3-ipv6-rules

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

srcaddr

Source IPv6 address (any | local-LAN | IPv6 address[/prefix length]), default = any.

user

Not Specified

srcport

Source port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

dstaddr

Destination IPv6 address (any | local-LAN | IPv6 address[/prefix length]), default = any.

user

Not Specified

dstport

Destination port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

protocol

Protocol type as defined by IANA (0 - 255, default = 255, meaning any).

integer

Minimum value: 0 Maximum value: 255

255

action

Policy action (allow | deny).

option

-

 

Option

Description

allow

Allows traffic matching the policy.

deny

Blocks traffic matching the policy.

config wireless-controller access-control-list

Configure WiFi bridge access control list.

config wireless-controller access-control-list

Description: Configure WiFi bridge access control list.

edit <name>

set comment {string}

config layer3-ipv4-rules

Description: AP ACL layer3 ipv4 rule list.

edit <rule-id>

set comment {string}

set srcaddr {user}

set srcport {integer}

set dstaddr {user}

set dstport {integer}

set protocol {integer}

set action [allow|deny]

next

end

config layer3-ipv6-rules

Description: AP ACL layer3 ipv6 rule list.

edit <rule-id>

set comment {string}

set srcaddr {user}

set srcport {integer}

set dstaddr {user}

set dstport {integer}

set protocol {integer}

set action [allow|deny]

next

end

next

end

config wireless-controller access-control-list

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

config layer3-ipv4-rules

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

srcaddr

Source IP address (any | local-LAN | IPv4 address[/<network mask | mask length>], default = any).

user

Not Specified

srcport

Source port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

dstaddr

Destination IP address (any | local-LAN | IPv4 address[/<network mask | mask length>], default = any).

user

Not Specified

dstport

Destination port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

protocol

Protocol type as defined by IANA (0 - 255, default = 255, meaning any).

integer

Minimum value: 0 Maximum value: 255

255

action

Policy action (allow | deny).

option

-

 

Option

Description

allow

Allows traffic matching the policy.

deny

Blocks traffic matching the policy.

config layer3-ipv6-rules

Parameter

Description

Type

Size

Default

comment

Description.

string

Maximum length: 63

srcaddr

Source IPv6 address (any | local-LAN | IPv6 address[/prefix length]), default = any.

user

Not Specified

srcport

Source port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

dstaddr

Destination IPv6 address (any | local-LAN | IPv6 address[/prefix length]), default = any.

user

Not Specified

dstport

Destination port (0 - 65535, default = 0, meaning any).

integer

Minimum value: 0 Maximum value: 65535

0

protocol

Protocol type as defined by IANA (0 - 255, default = 255, meaning any).

integer

Minimum value: 0 Maximum value: 255

255

action

Policy action (allow | deny).

option

-

 

Option

Description

allow

Allows traffic matching the policy.

deny

Blocks traffic matching the policy.