Fortinet black logo

Hyperscale Firewall Guide

Home FortiGate / FortiOS 7.2.1 Hyperscale Firewall Guide

CGNAT usage information

7.2.1
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.6
6.2.9
6.2.7
6.2.6
Copy Link
Copy Doc ID d0978f58-132f-11ed-9eba-fa163e15d75b:709678
Download PDF

CGNAT usage information

Use the following commands to display the CGN client IP addresses, PBA blocks, and public IP addresses currently in use.

diagnose firewall ippool {list {pba | nat-ip | user} | stats}

diagnose firewall ippool {list {pba | nat-ip | user} | stats | get-priv | get-pub | get-pub6}

diagnose firewall ippool get-priv <public-ipv4> [<public-port>]

diagnose firewall ippool get-pub <private-ipv4>

diagnose firewall ippool get-pub6 <private-ipv6>

stats list the total number of CGNAT IP pools that have been allocated, the number of currently active client IP addresses, NAT IP addresses, and PBA blocks.

pba list currently active source addresses of CGNAT clients and the PBA blocks assigned to them.

user list currently active source addresses of CGNAT clients and the number of PBA blocks assigned to them.

nat-ip list currently active public IP addresses and the number of PBA blocks and user sessions connected to each public IP.

get-priv <public-ipv4> [<public-port>] query private information of a public IPv4 address and optionally a port number.

get-pub <private-ipv4> query public information of a private IPv4 address.

get-pub6 <private-ipv6> query public information of a private IPv6 address.

Previous
Next

CGNAT usage information

Use the following commands to display the CGN client IP addresses, PBA blocks, and public IP addresses currently in use.

diagnose firewall ippool {list {pba | nat-ip | user} | stats}

diagnose firewall ippool {list {pba | nat-ip | user} | stats | get-priv | get-pub | get-pub6}

diagnose firewall ippool get-priv <public-ipv4> [<public-port>]

diagnose firewall ippool get-pub <private-ipv4>

diagnose firewall ippool get-pub6 <private-ipv6>

stats list the total number of CGNAT IP pools that have been allocated, the number of currently active client IP addresses, NAT IP addresses, and PBA blocks.

pba list currently active source addresses of CGNAT clients and the PBA blocks assigned to them.

user list currently active source addresses of CGNAT clients and the number of PBA blocks assigned to them.

nat-ip list currently active public IP addresses and the number of PBA blocks and user sessions connected to each public IP.

get-priv <public-ipv4> [<public-port>] query private information of a public IPv4 address and optionally a port number.

get-pub <private-ipv4> query public information of a private IPv4 address.

get-pub6 <private-ipv6> query public information of a private IPv6 address.

Previous
Next