Fortinet black logo

CLI Reference

config firewall interface-policy6

config firewall interface-policy6

Configure IPv6 interface policies.

config firewall interface-policy6
    Description: Configure IPv6 interface policies.
    edit <policyid>
        set application-list {string}
        set application-list-status [enable|disable]
        set av-profile {string}
        set av-profile-status [enable|disable]
        set comments {var-string}
        set dlp-sensor {string}
        set dlp-sensor-status [enable|disable]
        set dsri [enable|disable]
        set dstaddr6 <name1>, <name2>, ...
        set emailfilter-profile {string}
        set emailfilter-profile-status [enable|disable]
        set interface {string}
        set ips-sensor {string}
        set ips-sensor-status [enable|disable]
        set logtraffic [all|utm|...]
        set policyid {integer}
        set service6 <name1>, <name2>, ...
        set srcaddr6 <name1>, <name2>, ...
        set status [enable|disable]
        set webfilter-profile {string}
        set webfilter-profile-status [enable|disable]
    next
end

config firewall interface-policy6

Parameter

Description

Type

Size

Default

application-list

Application list name.

string

Not Specified

application-list-status

Enable/disable application control.

option

-

disable

Option

Description

enable

Enable application control

disable

Disable application control

av-profile

Antivirus profile.

string

Not Specified

av-profile-status

Enable/disable antivirus.

option

-

disable

Option

Description

enable

Enable antivirus

disable

Disable antivirus

comments

Comments.

var-string

Not Specified

dlp-sensor

DLP sensor name.

string

Not Specified

dlp-sensor-status

Enable/disable DLP.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

dsri

Enable/disable DSRI.

option

-

disable

Option

Description

enable

Enable DSRI.

disable

Disable DSRI.

dstaddr6 <name>

IPv6 address object to limit traffic monitoring to network traffic sent to the specified address or range.

Address name.

string

Maximum length: 79

emailfilter-profile

Email filter profile.

string

Not Specified

emailfilter-profile-status

Enable/disable email filter.

option

-

disable

Option

Description

enable

Enable Email filter.

disable

Disable Email filter.

interface

Monitored interface name from available interfaces.

string

Not Specified

ips-sensor

IPS sensor name.

string

Not Specified

ips-sensor-status

Enable/disable IPS.

option

-

disable

Option

Description

enable

Enable IPS.

disable

Disable IPS.

logtraffic

Logging type to be used in this policy (Options: all | utm | disable, Default: utm).

option

-

utm

Option

Description

all

Log all sessions accepted or denied by this policy.

utm

Log traffic that has a security profile applied to it.

disable

Disable all logging for this policy.

policyid

Policy ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

service6 <name>

Service name.

Address name.

string

Maximum length: 79

srcaddr6 <name>

IPv6 address object to limit traffic monitoring to network traffic sent from the specified address or range.

Address name.

string

Maximum length: 79

status

Enable/disable this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

webfilter-profile

Web filter profile.

string

Not Specified

webfilter-profile-status

Enable/disable web filtering.

option

-

disable

Option

Description

enable

Enable web filtering.

disable

Disable web filtering.

config firewall interface-policy6

Configure IPv6 interface policies.

config firewall interface-policy6
    Description: Configure IPv6 interface policies.
    edit <policyid>
        set application-list {string}
        set application-list-status [enable|disable]
        set av-profile {string}
        set av-profile-status [enable|disable]
        set comments {var-string}
        set dlp-sensor {string}
        set dlp-sensor-status [enable|disable]
        set dsri [enable|disable]
        set dstaddr6 <name1>, <name2>, ...
        set emailfilter-profile {string}
        set emailfilter-profile-status [enable|disable]
        set interface {string}
        set ips-sensor {string}
        set ips-sensor-status [enable|disable]
        set logtraffic [all|utm|...]
        set policyid {integer}
        set service6 <name1>, <name2>, ...
        set srcaddr6 <name1>, <name2>, ...
        set status [enable|disable]
        set webfilter-profile {string}
        set webfilter-profile-status [enable|disable]
    next
end

config firewall interface-policy6

Parameter

Description

Type

Size

Default

application-list

Application list name.

string

Not Specified

application-list-status

Enable/disable application control.

option

-

disable

Option

Description

enable

Enable application control

disable

Disable application control

av-profile

Antivirus profile.

string

Not Specified

av-profile-status

Enable/disable antivirus.

option

-

disable

Option

Description

enable

Enable antivirus

disable

Disable antivirus

comments

Comments.

var-string

Not Specified

dlp-sensor

DLP sensor name.

string

Not Specified

dlp-sensor-status

Enable/disable DLP.

option

-

disable

Option

Description

enable

Enable setting.

disable

Disable setting.

dsri

Enable/disable DSRI.

option

-

disable

Option

Description

enable

Enable DSRI.

disable

Disable DSRI.

dstaddr6 <name>

IPv6 address object to limit traffic monitoring to network traffic sent to the specified address or range.

Address name.

string

Maximum length: 79

emailfilter-profile

Email filter profile.

string

Not Specified

emailfilter-profile-status

Enable/disable email filter.

option

-

disable

Option

Description

enable

Enable Email filter.

disable

Disable Email filter.

interface

Monitored interface name from available interfaces.

string

Not Specified

ips-sensor

IPS sensor name.

string

Not Specified

ips-sensor-status

Enable/disable IPS.

option

-

disable

Option

Description

enable

Enable IPS.

disable

Disable IPS.

logtraffic

Logging type to be used in this policy (Options: all | utm | disable, Default: utm).

option

-

utm

Option

Description

all

Log all sessions accepted or denied by this policy.

utm

Log traffic that has a security profile applied to it.

disable

Disable all logging for this policy.

policyid

Policy ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

service6 <name>

Service name.

Address name.

string

Maximum length: 79

srcaddr6 <name>

IPv6 address object to limit traffic monitoring to network traffic sent from the specified address or range.

Address name.

string

Maximum length: 79

status

Enable/disable this policy.

option

-

enable

Option

Description

enable

Enable this policy.

disable

Disable this policy.

webfilter-profile

Web filter profile.

string

Not Specified

webfilter-profile-status

Enable/disable web filtering.

option

-

disable

Option

Description

enable

Enable web filtering.

disable

Disable web filtering.