Fortinet black logo

CLI Reference

config firewall multicast-policy

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set uuid {uuid}

set name {string}

set comments {var-string}

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

name

Policy name.

string

Not Specified

comments

Comment.

var-string

Not Specified

status

Enable/disable this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

disable

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Not Specified

dstintf

Destination interface name.

string

Not Specified

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

disable

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

0.0.0.0

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

0.0.0.0

action

Accept or deny traffic matching the policy.

option

-

accept

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

0

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

1

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

enable

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.

config firewall multicast-policy

Configure multicast NAT policies.

config firewall multicast-policy

Description: Configure multicast NAT policies.

edit <id>

set uuid {uuid}

set name {string}

set comments {var-string}

set status [enable|disable]

set logtraffic [enable|disable]

set srcintf {string}

set dstintf {string}

set srcaddr <name1>, <name2>, ...

set dstaddr <name1>, <name2>, ...

set snat [enable|disable]

set snat-ip {ipv4-address}

set dnat {ipv4-address-any}

set action [accept|deny]

set protocol {integer}

set start-port {integer}

set end-port {integer}

set auto-asic-offload [enable|disable]

next

end

config firewall multicast-policy

Parameter

Description

Type

Size

Default

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

name

Policy name.

string

Not Specified

comments

Comment.

var-string

Not Specified

status

Enable/disable this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

logtraffic

Enable/disable logging traffic accepted by this policy.

option

-

disable

Option

Description

enable

Enable logging traffic accepted by this policy.

disable

Disable logging traffic accepted by this policy.

srcintf

Source interface name.

string

Not Specified

dstintf

Destination interface name.

string

Not Specified

srcaddr <name>

Source address objects.

Source address objects.

string

Maximum length: 79

dstaddr <name>

Destination address objects.

Destination address objects.

string

Maximum length: 79

snat

Enable/disable substitution of the outgoing interface IP address for the original source IP address (called source NAT or SNAT).

option

-

disable

Option

Description

enable

Enable source NAT.

disable

Disable source NAT.

snat-ip

IPv4 address to be used as the source address for NATed traffic.

ipv4-address

Not Specified

0.0.0.0

dnat

IPv4 DNAT address used for multicast destination addresses.

ipv4-address-any

Not Specified

0.0.0.0

action

Accept or deny traffic matching the policy.

option

-

accept

Option

Description

accept

Accept traffic matching the policy.

deny

Deny or block traffic matching the policy.

protocol

Integer value for the protocol type as defined by IANA .

integer

Minimum value: 0 Maximum value: 255

0

start-port

Integer value for starting TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

1

end-port

Integer value for ending TCP/UDP/SCTP destination port in range .

integer

Minimum value: 0 Maximum value: 65535

65535

auto-asic-offload

Enable/disable offloading policy traffic for hardware acceleration.

option

-

enable

Option

Description

enable

Enable hardware acceleration offloading.

disable

Disable offloading for hardware acceleration.