Fortinet black logo

CLI Reference

config firewall central-snat-map

config firewall central-snat-map

Configure IPv4 and IPv6 central SNAT policies.

config firewall central-snat-map

Description: Configure IPv4 and IPv6 central SNAT policies.

edit <policyid>

set uuid {uuid}

set status [enable|disable]

set type [ipv4|ipv6]

set srcintf <name1>, <name2>, ...

set dstintf <name1>, <name2>, ...

set orig-addr <name1>, <name2>, ...

set orig-addr6 <name1>, <name2>, ...

set dst-addr <name1>, <name2>, ...

set dst-addr6 <name1>, <name2>, ...

set protocol {integer}

set orig-port {user}

set nat [disable|enable]

set nat46 [enable|disable]

set nat64 [enable|disable]

set nat-ippool <name1>, <name2>, ...

set nat-ippool6 <name1>, <name2>, ...

set nat-port {user}

set comments {var-string}

next

end

config firewall central-snat-map

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

status

Enable/disable the active status of this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

type

IPv4/IPv6 source NAT.

option

-

ipv4

Option

Description

ipv4

Perform IPv4 source NAT.

ipv6

Perform IPv6 source NAT.

srcintf <name>

Source interface name from available interfaces.

Interface name.

string

Maximum length: 79

dstintf <name>

Destination interface name from available interfaces.

Interface name.

string

Maximum length: 79

orig-addr <name>

IPv4 Original address.

Address name.

string

Maximum length: 79

orig-addr6 <name>

IPv6 Original address.

Address name.

string

Maximum length: 79

dst-addr <name>

IPv4 Destination address.

Address name.

string

Maximum length: 79

dst-addr6 <name>

IPv6 Destination address.

Address name.

string

Maximum length: 79

protocol

Integer value for the protocol type .

integer

Minimum value: 0 Maximum value: 255

0

orig-port

Original TCP port (1 to 65535, 0 means any port).

user

Not Specified

nat

Enable/disable source NAT.

option

-

enable

Option

Description

disable

Disable source NAT.

enable

Enable source NAT.

nat46

Enable/disable NAT46.

option

-

disable

Option

Description

enable

Enable NAT46.

disable

Disable NAT46.

nat64

Enable/disable NAT64.

option

-

disable

Option

Description

enable

Enable NAT64.

disable

Disable NAT64.

nat-ippool <name>

Name of the IP pools to be used to translate addresses from available IP Pools.

IP pool name.

string

Maximum length: 79

nat-ippool6 <name>

IPv6 pools to be used for source NAT.

IPv6 pool name.

string

Maximum length: 79

nat-port

Translated port or port range (1 to 65535, 0 means any port).

user

Not Specified

comments

Comment.

var-string

Maximum length: 1023

config firewall central-snat-map

Configure IPv4 and IPv6 central SNAT policies.

config firewall central-snat-map

Description: Configure IPv4 and IPv6 central SNAT policies.

edit <policyid>

set uuid {uuid}

set status [enable|disable]

set type [ipv4|ipv6]

set srcintf <name1>, <name2>, ...

set dstintf <name1>, <name2>, ...

set orig-addr <name1>, <name2>, ...

set orig-addr6 <name1>, <name2>, ...

set dst-addr <name1>, <name2>, ...

set dst-addr6 <name1>, <name2>, ...

set protocol {integer}

set orig-port {user}

set nat [disable|enable]

set nat46 [enable|disable]

set nat64 [enable|disable]

set nat-ippool <name1>, <name2>, ...

set nat-ippool6 <name1>, <name2>, ...

set nat-port {user}

set comments {var-string}

next

end

config firewall central-snat-map

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

status

Enable/disable the active status of this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

type

IPv4/IPv6 source NAT.

option

-

ipv4

Option

Description

ipv4

Perform IPv4 source NAT.

ipv6

Perform IPv6 source NAT.

srcintf <name>

Source interface name from available interfaces.

Interface name.

string

Maximum length: 79

dstintf <name>

Destination interface name from available interfaces.

Interface name.

string

Maximum length: 79

orig-addr <name>

IPv4 Original address.

Address name.

string

Maximum length: 79

orig-addr6 <name>

IPv6 Original address.

Address name.

string

Maximum length: 79

dst-addr <name>

IPv4 Destination address.

Address name.

string

Maximum length: 79

dst-addr6 <name>

IPv6 Destination address.

Address name.

string

Maximum length: 79

protocol

Integer value for the protocol type .

integer

Minimum value: 0 Maximum value: 255

0

orig-port

Original TCP port (1 to 65535, 0 means any port).

user

Not Specified

nat

Enable/disable source NAT.

option

-

enable

Option

Description

disable

Disable source NAT.

enable

Enable source NAT.

nat46

Enable/disable NAT46.

option

-

disable

Option

Description

enable

Enable NAT46.

disable

Disable NAT46.

nat64

Enable/disable NAT64.

option

-

disable

Option

Description

enable

Enable NAT64.

disable

Disable NAT64.

nat-ippool <name>

Name of the IP pools to be used to translate addresses from available IP Pools.

IP pool name.

string

Maximum length: 79

nat-ippool6 <name>

IPv6 pools to be used for source NAT.

IPv6 pool name.

string

Maximum length: 79

nat-port

Translated port or port range (1 to 65535, 0 means any port).

user

Not Specified

comments

Comment.

var-string

Maximum length: 1023