config firewall address
Configure IPv4 addresses.
config firewall address Description: Configure IPv4 addresses. edit <name> set uuid {uuid} set subnet {ipv4-classnet-any} set type [ipmask|iprange|...] set sub-type [sdn|clearpass-spt|...] set clearpass-spt [unknown|healthy|...] set start-ip {ipv4-address-any} set end-ip {ipv4-address-any} set fqdn {string} set country {string} set wildcard-fqdn {string} set pattern-start {integer} set pattern-end {integer} set cache-ttl {integer} set wildcard {ipv4-classnet-any} set sdn {string} set fsso-group <name1>, <name2>, ... set interface {string} set tenant {string} set organization {string} set epg-name {string} set subnet-name {string} set sdn-tag {string} set policy-group {string} set obj-tag {string} set obj-type [ip|mac] set tag-detection-level {string} set tag-type {string} set comment {var-string} set associated-interface {string} set color {integer} set filter {var-string} set sdn-addr-type [private|public|...] set node-ip-only [enable|disable] set obj-id {var-string} config list Description: IP address list. edit <ip> next end config tagging Description: Config object tagging. edit <name> set category {string} set tags <name1>, <name2>, ... next end set allow-routing [enable|disable] set fabric-object [enable|disable] next end
config firewall address
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name |
Address name. |
string |
Maximum length: 79 |
|
||||||||||||||||||
uuid |
Universally Unique Identifier (UUID; automatically assigned but can be manually reset). |
uuid |
Not Specified |
00000000-0000-0000-0000-000000000000 |
||||||||||||||||||
subnet |
IP address and subnet mask of address. |
ipv4-classnet-any |
Not Specified |
0.0.0.0 0.0.0.0 |
||||||||||||||||||
type |
Type of address. |
option |
- |
ipmask |
||||||||||||||||||
|
|
|||||||||||||||||||||
sub-type |
Sub-type of address. |
option |
- |
sdn |
||||||||||||||||||
|
|
|||||||||||||||||||||
clearpass-spt |
SPT (System Posture Token) value. |
option |
- |
unknown |
||||||||||||||||||
|
|
|||||||||||||||||||||
start-ip |
First IP address (inclusive) in the range for the address. |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||||||||
end-ip |
Final IP address (inclusive) in the range for the address. |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||||||||
fqdn |
Fully Qualified Domain Name address. |
string |
Maximum length: 255 |
|
||||||||||||||||||
country |
IP addresses associated to a specific country. |
string |
Maximum length: 2 |
|
||||||||||||||||||
wildcard-fqdn |
Fully Qualified Domain Name with wildcard characters. |
string |
Maximum length: 255 |
|
||||||||||||||||||
pattern-start |
Starting number of pattern for fqdn-group. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||||||||
pattern-end |
Ending number of pattern for fqdn-group. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||||||||
cache-ttl |
Defines the minimal TTL of individual IP addresses in FQDN cache measured in seconds. |
integer |
Minimum value: 0 Maximum value: 86400 |
0 |
||||||||||||||||||
wildcard |
IP address and wildcard netmask. |
ipv4-classnet-any |
Not Specified |
0.0.0.0 0.0.0.0 |
||||||||||||||||||
sdn |
SDN. |
string |
Maximum length: 35 |
|
||||||||||||||||||
fsso-group |
FSSO group(s). FSSO group name. |
string |
Maximum length: 511 |
|
||||||||||||||||||
interface |
Name of interface whose IP address is to be used. |
string |
Maximum length: 35 |
|
||||||||||||||||||
tenant |
Tenant. |
string |
Maximum length: 35 |
|
||||||||||||||||||
organization |
Organization domain name (Syntax: organization/domain). |
string |
Maximum length: 35 |
|
||||||||||||||||||
epg-name |
Endpoint group name. |
string |
Maximum length: 255 |
|
||||||||||||||||||
subnet-name |
Subnet name. |
string |
Maximum length: 255 |
|
||||||||||||||||||
sdn-tag |
SDN Tag. |
string |
Maximum length: 15 |
|
||||||||||||||||||
policy-group |
Policy group name. |
string |
Maximum length: 15 |
|
||||||||||||||||||
obj-tag |
Tag of dynamic address object. |
string |
Maximum length: 255 |
|
||||||||||||||||||
obj-type |
Object type. |
option |
- |
ip |
||||||||||||||||||
|
|
|||||||||||||||||||||
tag-detection-level |
Tag detection level of dynamic address object. |
string |
Maximum length: 15 |
|
||||||||||||||||||
tag-type |
Tag type of dynamic address object. |
string |
Maximum length: 63 |
|
||||||||||||||||||
comment |
Comment. |
var-string |
Maximum length: 255 |
|
||||||||||||||||||
associated-interface |
Network interface associated with address. |
string |
Maximum length: 35 |
|
||||||||||||||||||
color |
Color of icon on the GUI. |
integer |
Minimum value: 0 Maximum value: 32 |
0 |
||||||||||||||||||
filter |
Match criteria filter. |
var-string |
Maximum length: 2047 |
|
||||||||||||||||||
sdn-addr-type |
Type of addresses to collect. |
option |
- |
private |
||||||||||||||||||
|
|
|||||||||||||||||||||
node-ip-only |
Enable/disable collection of node addresses only in Kubernetes. |
option |
- |
disable |
||||||||||||||||||
|
|
|||||||||||||||||||||
obj-id |
Object ID for NSX. |
var-string |
Maximum length: 255 |
|
||||||||||||||||||
allow-routing |
Enable/disable use of this address in the static route configuration. |
option |
- |
disable |
||||||||||||||||||
|
|
|||||||||||||||||||||
fabric-object |
Security Fabric global object setting. |
option |
- |
disable |
||||||||||||||||||
|
|
config list
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
ip |
IP. |
string |
Maximum length: 35 |
|
config tagging
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
name |
Tagging entry name. |
string |
Maximum length: 63 |
|
category |
Tag category. |
string |
Maximum length: 63 |
|
tags |
Tags. Tag name. |
string |
Maximum length: 79 |
|