Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set uuid {uuid}

set name {string}

set comments {var-string}

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

name

Policy name.

string

Maximum length: 35

comments

Comment.

var-string

Maximum length: 1023

status

Enable/disable this policy.

option

-

enable

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

disable

 

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

disable

 

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

0.0.0.0

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

0.0.0.0

action

Accept or deny traffic matching the policy.

option

-

accept

 

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

0

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

1

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

enable

 

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set uuid {uuid}

set name {string}

set comments {var-string}

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

name

Policy name.

string

Maximum length: 35

comments

Comment.

var-string

Maximum length: 1023

status

Enable/disable this policy.

option

-

enable

 

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

disable

 

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Maximum length: 35

dstintf

Destination interface name.

string

Maximum length: 35

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

disable

 

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

0.0.0.0

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

0.0.0.0

action

Accept or deny traffic matching the policy.

option

-

accept

 

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

0

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

1

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

enable

 

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.