Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config firewall ippool

Configure IPv4 IP pools.

config firewall ippool

Description: Configure IPv4 IP pools.

edit <name>

set type [overload|one-to-one|...]

set startip {ipv4-address-any}

set endip {ipv4-address-any}

set source-startip {ipv4-address-any}

set source-endip {ipv4-address-any}

set block-size {integer}

set num-blocks-per-user {integer}

set pba-timeout {integer}

set permit-any-host [disable|enable]

set arp-reply [disable|enable]

set arp-intf {string}

set associated-interface {string}

set comments {var-string}

next

end

config firewall ippool

Parameter

Description

Type

Size

Default

type

IP pool type (overload, one-to-one, fixed port range, or port block allocation).

option

-

overload

 

Option

Description

overload

IP addresses in the IP pool can be shared by clients.

one-to-one

One to one mapping.

fixed-port-range

Fixed port range.

port-block-allocation

Port block allocation.

startip

First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

endip

Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

source-startip

First IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

source-endip

Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

block-size

Number of addresses in a block (64 to 4096, default = 128).

integer

Minimum value: 64 Maximum value: 4096

128

num-blocks-per-user

Number of addresses blocks that can be used by a user (1 to 128, default = 8).

integer

Minimum value: 1 Maximum value: 128

8

pba-timeout

Port block allocation timeout (seconds).

integer

Minimum value: 3 Maximum value: 300

30

permit-any-host

Enable/disable full cone NAT.

option

-

disable

 

Option

Description

disable

Disable full cone NAT.

enable

Enable full cone NAT.

arp-reply

Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable).

option

-

enable

 

Option

Description

disable

Disable ARP reply.

enable

Enable ARP reply.

arp-intf

Select an interface from available options that will reply to ARP requests. (If blank, any is selected).

string

Maximum length: 15

associated-interface

Associated interface name.

string

Maximum length: 15

comments

Comment.

var-string

Maximum length: 255

config firewall ippool

Configure IPv4 IP pools.

config firewall ippool

Description: Configure IPv4 IP pools.

edit <name>

set type [overload|one-to-one|...]

set startip {ipv4-address-any}

set endip {ipv4-address-any}

set source-startip {ipv4-address-any}

set source-endip {ipv4-address-any}

set block-size {integer}

set num-blocks-per-user {integer}

set pba-timeout {integer}

set permit-any-host [disable|enable]

set arp-reply [disable|enable]

set arp-intf {string}

set associated-interface {string}

set comments {var-string}

next

end

config firewall ippool

Parameter

Description

Type

Size

Default

type

IP pool type (overload, one-to-one, fixed port range, or port block allocation).

option

-

overload

 

Option

Description

overload

IP addresses in the IP pool can be shared by clients.

one-to-one

One to one mapping.

fixed-port-range

Fixed port range.

port-block-allocation

Port block allocation.

startip

First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

endip

Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

source-startip

First IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

source-endip

Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0).

ipv4-address-any

Not Specified

0.0.0.0

block-size

Number of addresses in a block (64 to 4096, default = 128).

integer

Minimum value: 64 Maximum value: 4096

128

num-blocks-per-user

Number of addresses blocks that can be used by a user (1 to 128, default = 8).

integer

Minimum value: 1 Maximum value: 128

8

pba-timeout

Port block allocation timeout (seconds).

integer

Minimum value: 3 Maximum value: 300

30

permit-any-host

Enable/disable full cone NAT.

option

-

disable

 

Option

Description

disable

Disable full cone NAT.

enable

Enable full cone NAT.

arp-reply

Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable).

option

-

enable

 

Option

Description

disable

Disable ARP reply.

enable

Enable ARP reply.

arp-intf

Select an interface from available options that will reply to ARP requests. (If blank, any is selected).

string

Maximum length: 15

associated-interface

Associated interface name.

string

Maximum length: 15

comments

Comment.

var-string

Maximum length: 255