Fortinet white logo
Fortinet white logo

CLI Reference

config firewall addrgrp

config firewall addrgrp

Configure IPv4 address groups.

config firewall addrgrp
    Description: Configure IPv4 address groups.
    edit <name>
        set type [default|folder]
        set category [default|ztna-ems-tag]
        set uuid {uuid}
        set member <name1>, <name2>, ...
        set comment {var-string}
        set exclude [enable|disable]
        set exclude-member <name1>, <name2>, ...
        set color {integer}
        config tagging
            Description: Config object tagging.
            edit <name>
                set category {string}
                set tags <name1>, <name2>, ...
            next
        end
        set allow-routing [enable|disable]
        set fabric-object [enable|disable]
    next
end

config firewall addrgrp

Parameter

Description

Type

Size

Default

name

Address group name.

string

Maximum length: 79

type

Address group type.

option

-

default

Option

Description

default

Default address group type (address may belong to multiple groups).

folder

Address folder group (members may not belong to any other group).

category

Address group category.

option

-

default

Option

Description

default

Default address group category (cannot be used as ztna-ems-tag in policy).

ztna-ems-tag

Members must be ztna-ems-tag group or ems-tag address, can be used as ztna-ems-tag in policy.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

member <name>

Address objects contained within the group.

Address name.

string

Maximum length: 79

comment

Comment.

var-string

Maximum length: 255

exclude

Enable/disable address exclusion.

option

-

disable

Option

Description

enable

Enable address exclusion.

disable

Disable address exclusion.

exclude-member <name>

Address exclusion member.

Address name.

string

Maximum length: 79

color

Color of icon on the GUI.

integer

Minimum value: 0 Maximum value: 32

0

allow-routing

Enable/disable use of this group in the static route configuration.

option

-

disable

Option

Description

enable

Enable use of this group in the static route configuration.

disable

Disable use of this group in the static route configuration.

fabric-object

Security Fabric global object setting.

option

-

disable

Option

Description

enable

Object is set as a security fabric-wide global object.

disable

Object is local to this security fabric member.

config tagging

Parameter

Description

Type

Size

Default

name

Tagging entry name.

string

Maximum length: 63

category

Tag category.

string

Maximum length: 63

tags <name>

Tags.

Tag name.

string

Maximum length: 79

config firewall addrgrp

config firewall addrgrp

Configure IPv4 address groups.

config firewall addrgrp
    Description: Configure IPv4 address groups.
    edit <name>
        set type [default|folder]
        set category [default|ztna-ems-tag]
        set uuid {uuid}
        set member <name1>, <name2>, ...
        set comment {var-string}
        set exclude [enable|disable]
        set exclude-member <name1>, <name2>, ...
        set color {integer}
        config tagging
            Description: Config object tagging.
            edit <name>
                set category {string}
                set tags <name1>, <name2>, ...
            next
        end
        set allow-routing [enable|disable]
        set fabric-object [enable|disable]
    next
end

config firewall addrgrp

Parameter

Description

Type

Size

Default

name

Address group name.

string

Maximum length: 79

type

Address group type.

option

-

default

Option

Description

default

Default address group type (address may belong to multiple groups).

folder

Address folder group (members may not belong to any other group).

category

Address group category.

option

-

default

Option

Description

default

Default address group category (cannot be used as ztna-ems-tag in policy).

ztna-ems-tag

Members must be ztna-ems-tag group or ems-tag address, can be used as ztna-ems-tag in policy.

uuid

Universally Unique Identifier (UUID; automatically assigned but can be manually reset).

uuid

Not Specified

00000000-0000-0000-0000-000000000000

member <name>

Address objects contained within the group.

Address name.

string

Maximum length: 79

comment

Comment.

var-string

Maximum length: 255

exclude

Enable/disable address exclusion.

option

-

disable

Option

Description

enable

Enable address exclusion.

disable

Disable address exclusion.

exclude-member <name>

Address exclusion member.

Address name.

string

Maximum length: 79

color

Color of icon on the GUI.

integer

Minimum value: 0 Maximum value: 32

0

allow-routing

Enable/disable use of this group in the static route configuration.

option

-

disable

Option

Description

enable

Enable use of this group in the static route configuration.

disable

Disable use of this group in the static route configuration.

fabric-object

Security Fabric global object setting.

option

-

disable

Option

Description

enable

Object is set as a security fabric-wide global object.

disable

Object is local to this security fabric member.

config tagging

Parameter

Description

Type

Size

Default

name

Tagging entry name.

string

Maximum length: 63

category

Tag category.

string

Maximum length: 63

tags <name>

Tags.

Tag name.

string

Maximum length: 79