You can configure CGN resource allocation IP pool groups to group together related CGN resource allocation IP pools to be able to add multiple IP pools to the same firewall policy. All of the CGN IP pools in a CGN IP pool group must have the same CGN mode and their IP ranges must not overlap.
Use the following command to create an CGN resource allocation IP pool group:
config firewall ippool_grp
set member <cgn-ippool> ...
member select the names of the CGN IP pools to add to the CGN IP pool group.
Use the following steps to configure CGNAT IP pool groups from the GUI:
- Go to Policy & Objects > IP Pools.
- Select Create New > CGN IP Pool Group.
- Select CGN IP pools to add to the Members list.