Fortinet black logo

New Features

MAC address wildcard in firewall address

Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:742877
Download PDF

Wildcard MAC addresses can be used in firewall address so users can easily use pattern matching, like vendor prefix, to define a group of addresses. The MAC address range is now defined by specifying a <start>-<end> in a single field separated by a space, instead of defining a start-mac and end-mac. Multiple addresses can be defined in a single line.

To configure multiple wildcard MAC addresses in the GUI:
  1. Go to Policy & Objects > Addresses and click Create New > Address.
  2. Enter a name.
  3. For Type, select Device (MAC Address).
  4. In the MAC address field, enter the wildcard address. Click the + to add more addresses.

  5. Click OK.
To configure multiple wildcard MAC addresses in the CLI:
config firewall address
    edit "Demo-wildcard-mac-1"
        set type mac
        set macaddr "00:0c:29:b5:**:8d" "00:0a:29:b5:c2:**" "04:d5:90:04:??:??"
    next
end

Wildcard MAC addresses can be used in firewall address so users can easily use pattern matching, like vendor prefix, to define a group of addresses. The MAC address range is now defined by specifying a <start>-<end> in a single field separated by a space, instead of defining a start-mac and end-mac. Multiple addresses can be defined in a single line.

To configure multiple wildcard MAC addresses in the GUI:
  1. Go to Policy & Objects > Addresses and click Create New > Address.
  2. Enter a name.
  3. For Type, select Device (MAC Address).
  4. In the MAC address field, enter the wildcard address. Click the + to add more addresses.

  5. Click OK.
To configure multiple wildcard MAC addresses in the CLI:
config firewall address
    edit "Demo-wildcard-mac-1"
        set type mac
        set macaddr "00:0c:29:b5:**:8d" "00:0a:29:b5:c2:**" "04:d5:90:04:??:??"
    next
end