config firewall ippool
Configure IPv4 IP pools.
config firewall ippool
Description: Configure IPv4 IP pools.
edit <name>
set add-nat64-route [disable|enable]
set arp-intf {string}
set arp-reply [disable|enable]
set associated-interface {string}
set block-size {integer}
set cgn-block-size {integer}
set cgn-client-endip {var-string}
set cgn-client-ipv6shift {integer}
set cgn-client-startip {var-string}
set cgn-fixedalloc [disable|enable]
set cgn-overload [disable|enable]
set cgn-port-end {integer}
set cgn-port-start {integer}
set cgn-spa [disable|enable]
set client-prefix-length {integer}
set comments {var-string}
set endip {ipv4-address-any}
set endport {integer}
set exclude-ip <ip1>, <ip2>, ...
set icmp-session-quota {integer}
set nat64 [disable|enable]
set num-blocks-per-user {integer}
set pba-interim-log {integer}
set pba-timeout {integer}
set permit-any-host [disable|enable]
set port-per-user {integer}
set privileged-port-use-pba [disable|enable]
set source-endip {ipv4-address-any}
set source-prefix6 {ipv6-network}
set source-startip {ipv4-address-any}
set startip {ipv4-address-any}
set startport {integer}
set subnet-broadcast-in-ippool {option}
set tcp-session-quota {integer}
set type [overload|one-to-one|...]
set udp-session-quota {integer}
set utilization-alarm-clear {integer}
set utilization-alarm-raise {integer}
next
end
config firewall ippool
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
add-nat64-route |
Enable/disable adding NAT64 route. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
arp-intf |
Select an interface from available options that will reply to ARP requests. (If blank, any is selected). |
string |
Maximum length: 15 |
|
||||||||||||
|
arp-reply |
Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable). |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
associated-interface |
Associated interface name. |
string |
Maximum length: 15 |
|
||||||||||||
|
block-size |
Number of addresses in a block (64 - 4096, default = 128). |
integer |
Minimum value: 64 Maximum value: 4096 |
128 |
||||||||||||
|
cgn-block-size * |
Number of ports in a block(64 to 4096 in unit of 64, default = 128). |
integer |
Minimum value: 64 Maximum value: 4096 |
128 |
||||||||||||
|
cgn-client-endip * |
Final client IPv4 address (inclusive) (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). |
var-string |
Maximum length: 255 |
|
||||||||||||
|
cgn-client-ipv6shift * |
IPv6 shift for fixed-allocation.(default 0) |
integer |
Minimum value: 0 Maximum value: 127 |
0 |
||||||||||||
|
cgn-client-startip * |
First client IPv4 address (inclusive) (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). |
var-string |
Maximum length: 255 |
|
||||||||||||
|
cgn-fixedalloc * |
Enable/disable fixed-allocation mode. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
cgn-overload * |
Enable/disable overload mode. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
cgn-port-end * |
Ending public port can be allocated. |
integer |
Minimum value: 1024 Maximum value: 65535 |
65530 |
||||||||||||
|
cgn-port-start * |
Starting public port can be allocated. |
integer |
Minimum value: 1024 Maximum value: 65535 |
5117 |
||||||||||||
|
cgn-spa * |
Enable/disable single port allocation mode. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
client-prefix-length |
Subnet length of a single deterministic NAT64 client (1 - 128, default = 64). |
integer |
Minimum value: 1 Maximum value: 128 |
64 |
||||||||||||
|
comments |
Comment. |
var-string |
Maximum length: 255 |
|
||||||||||||
|
endip |
Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||
|
endport |
Final port number (inclusive) in the range for the address pool (1024 - 65535, Default: 65533). |
integer |
Minimum value: 1024 Maximum value: 65535 |
65533 |
||||||||||||
|
exclude-ip |
Exclude IPs x.x.x.x. Exclude IPs (xxx.xxx.xxx.xxx) |
string |
Maximum length: 79 |
|
||||||||||||
|
icmp-session-quota |
Maximum number of concurrent ICMP sessions allowed per client (0 - 2097000, default = 0 which means no limit). |
integer |
Minimum value: 0 Maximum value: 2097000 |
0 |
||||||||||||
|
name |
IP pool name. |
string |
Maximum length: 79 |
|
||||||||||||
|
nat64 |
Enable/disable NAT64. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
num-blocks-per-user |
Number of addresses blocks that can be used by a user (1 to 128, default = 8). |
integer |
Minimum value: 1 Maximum value: 128 |
8 |
||||||||||||
|
pba-interim-log |
Port block allocation interim logging interval (600 - 86400 seconds, default = 0 which disables interim logging). |
integer |
Minimum value: 600 Maximum value: 86400 |
0 |
||||||||||||
|
pba-timeout |
Port block allocation timeout (seconds). |
integer |
Minimum value: 3 Maximum value: 86400 |
30 |
||||||||||||
|
permit-any-host |
Enable/disable fullcone NAT. Accept UDP packets from any host. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
port-per-user |
Number of port for each user (32 - 60416, default = 0, which is auto). |
integer |
Minimum value: 32 Maximum value: 60417 |
0 |
||||||||||||
|
privileged-port-use-pba |
Enable/disable selection of the external port from the port block allocation for NAT'ing privileged ports (deafult = disable). |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
source-endip |
Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||
|
source-prefix6 |
Source IPv6 network to be translated (format = xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx, default = ::/0). |
ipv6-network |
Not Specified |
::/0 |
||||||||||||
|
source-startip |
First IPv4 address (inclusive) in the range of the source addresses to be translated (format = xxx.xxx.xxx.xxx, default = 0.0.0.0). |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||
|
startip |
First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default: 0.0.0.0). |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||
|
startport |
First port number (inclusive) in the range for the address pool (1024 - 65535, Default: 5117). |
integer |
Minimum value: 1024 Maximum value: 65535 |
5117 |
||||||||||||
|
subnet-broadcast-in-ippool |
Enable/disable inclusion of the subnetwork address and broadcast IP address in the NAT64 IP pool. |
option |
- |
|
||||||||||||
|
|
|
|||||||||||||||
|
tcp-session-quota |
Maximum number of concurrent TCP sessions allowed per client (0 - 2097000, default = 0 which means no limit). |
integer |
Minimum value: 0 Maximum value: 2097000 |
0 |
||||||||||||
|
type |
IP pool type: overload, one-to-one, fixed-port-range, port-block-allocation, cgn-resource-allocation (hyperscale vdom only) |
option |
- |
overload |
||||||||||||
|
|
|
|||||||||||||||
|
udp-session-quota |
Maximum number of concurrent UDP sessions allowed per client (0 - 2097000, default = 0 which means no limit). |
integer |
Minimum value: 0 Maximum value: 2097000 |
0 |
||||||||||||
|
utilization-alarm-clear * |
Pool utilization alarm clear threshold (40-100). |
integer |
Minimum value: 40 Maximum value: 100 |
80 |
||||||||||||
|
utilization-alarm-raise * |
Pool utilization alarm raise threshold (50-100). |
integer |
Minimum value: 50 Maximum value: 100 |
100 |
||||||||||||
* This parameter may not exist in some models.