Fortinet white logo
Fortinet white logo

CLI Reference

config system ipam

config system ipam

Configure IP address management services.

config system ipam
    Description: Configure IP address management services.
    set status [enable|disable]
    set server-type {option}
    set automatic-conflict-resolution [disable|enable]
    set require-subnet-size-match [disable|enable]
    set manage-lan-addresses [disable|enable]
    set manage-lan-extension-addresses [disable|enable]
    set manage-ssid-addresses [disable|enable]
    config pools
        Description: Configure IPAM pools.
        edit <name>
            set description {string}
            set subnet {ipv4-classnet}
            config exclude
                Description: Configure pool exclude subnets.
                edit <ID>
                    set exclude-subnet {ipv4-classnet}
                next
            end
        next
    end
    config rules
        Description: Configure IPAM allocation rules.
        edit <name>
            set description {string}
            set device <name1>, <name2>, ...
            set interface <name1>, <name2>, ...
            set role [any|lan|...]
            set pool <name1>, <name2>, ...
            set dhcp [enable|disable]
        next
    end
end

config system ipam

Parameter

Description

Type

Size

Default

status

Enable/disable IP address management services.

option

-

disable

Option

Description

enable

Enable integration with IP address management services.

disable

Disable integration with IP address management services.

server-type

Configure the type of IPAM server to use.

option

-

fabric-root

Option

Description

fabric-root

Use the IPAM server running on the Security Fabric root.

automatic-conflict-resolution

Enable/disable automatic conflict resolution.

option

-

disable

Option

Description

disable

Disable automatic conflict resolution.

enable

Enable automatic conflict resolution.

require-subnet-size-match

Enable/disable reassignment of subnets to make requested and actual sizes match.

option

-

enable

Option

Description

disable

Disable requiring subnet sizes to match.

enable

Enable requiring subnet sizes to match.

manage-lan-addresses

Enable/disable default management of LAN interface addresses.

option

-

disable

Option

Description

disable

Disable LAN interface address management by default.

enable

Enable LAN interface address management by default.

manage-lan-extension-addresses

Enable/disable default management of FortiExtender LAN extension interface addresses.

option

-

disable

Option

Description

disable

Disable FortiExtender LAN extension interface address management by default.

enable

Enable FortiExtender LAN extension interface address management by default.

manage-ssid-addresses

Enable/disable default management of FortiAP SSID addresses.

option

-

disable

Option

Description

disable

Disable FortiAP SSID address management by default.

enable

Enable FortiAP SSID address management by default.

config pools

Parameter

Description

Type

Size

Default

name

IPAM pool name.

string

Maximum length: 79

description

Description.

string

Maximum length: 127

subnet

Configure IPAM pool subnet, Class A - Class B subnet.

ipv4-classnet

Not Specified

0.0.0.0 0.0.0.0

config exclude

Parameter

Description

Type

Size

Default

ID

Exclude ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

exclude-subnet

Configure subnet to exclude from the IPAM pool.

ipv4-classnet

Not Specified

0.0.0.0 0.0.0.0

config rules

Parameter

Description

Type

Size

Default

name

IPAM rule name.

string

Maximum length: 79

description

Description.

string

Maximum length: 127

device <name>

Configure serial number or wildcard of FortiGate to match.

FortiGate serial number or wildcard.

string

Maximum length: 79

interface <name>

Configure name or wildcard of interface to match.

Interface name or wildcard.

string

Maximum length: 79

role

Configure role of interface to match.

option

-

any

Option

Description

any

Match any interface role.

lan

Match interface role lan.

wan

Match interface role wan.

dmz

Match interface role dmz.

undefined

Match interface role undefined.

pool <name>

Configure name of IPAM pool to use.

IPAM pool name.

string

Maximum length: 79

dhcp

Enable/disable DHCP server for matching IPAM interfaces.

option

-

disable

Option

Description

enable

Enable DHCP server on matched IPAM interface.

disable

Disable DHCP server on matched IPAM interface.

config system ipam

config system ipam

Configure IP address management services.

config system ipam
    Description: Configure IP address management services.
    set status [enable|disable]
    set server-type {option}
    set automatic-conflict-resolution [disable|enable]
    set require-subnet-size-match [disable|enable]
    set manage-lan-addresses [disable|enable]
    set manage-lan-extension-addresses [disable|enable]
    set manage-ssid-addresses [disable|enable]
    config pools
        Description: Configure IPAM pools.
        edit <name>
            set description {string}
            set subnet {ipv4-classnet}
            config exclude
                Description: Configure pool exclude subnets.
                edit <ID>
                    set exclude-subnet {ipv4-classnet}
                next
            end
        next
    end
    config rules
        Description: Configure IPAM allocation rules.
        edit <name>
            set description {string}
            set device <name1>, <name2>, ...
            set interface <name1>, <name2>, ...
            set role [any|lan|...]
            set pool <name1>, <name2>, ...
            set dhcp [enable|disable]
        next
    end
end

config system ipam

Parameter

Description

Type

Size

Default

status

Enable/disable IP address management services.

option

-

disable

Option

Description

enable

Enable integration with IP address management services.

disable

Disable integration with IP address management services.

server-type

Configure the type of IPAM server to use.

option

-

fabric-root

Option

Description

fabric-root

Use the IPAM server running on the Security Fabric root.

automatic-conflict-resolution

Enable/disable automatic conflict resolution.

option

-

disable

Option

Description

disable

Disable automatic conflict resolution.

enable

Enable automatic conflict resolution.

require-subnet-size-match

Enable/disable reassignment of subnets to make requested and actual sizes match.

option

-

enable

Option

Description

disable

Disable requiring subnet sizes to match.

enable

Enable requiring subnet sizes to match.

manage-lan-addresses

Enable/disable default management of LAN interface addresses.

option

-

disable

Option

Description

disable

Disable LAN interface address management by default.

enable

Enable LAN interface address management by default.

manage-lan-extension-addresses

Enable/disable default management of FortiExtender LAN extension interface addresses.

option

-

disable

Option

Description

disable

Disable FortiExtender LAN extension interface address management by default.

enable

Enable FortiExtender LAN extension interface address management by default.

manage-ssid-addresses

Enable/disable default management of FortiAP SSID addresses.

option

-

disable

Option

Description

disable

Disable FortiAP SSID address management by default.

enable

Enable FortiAP SSID address management by default.

config pools

Parameter

Description

Type

Size

Default

name

IPAM pool name.

string

Maximum length: 79

description

Description.

string

Maximum length: 127

subnet

Configure IPAM pool subnet, Class A - Class B subnet.

ipv4-classnet

Not Specified

0.0.0.0 0.0.0.0

config exclude

Parameter

Description

Type

Size

Default

ID

Exclude ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

exclude-subnet

Configure subnet to exclude from the IPAM pool.

ipv4-classnet

Not Specified

0.0.0.0 0.0.0.0

config rules

Parameter

Description

Type

Size

Default

name

IPAM rule name.

string

Maximum length: 79

description

Description.

string

Maximum length: 127

device <name>

Configure serial number or wildcard of FortiGate to match.

FortiGate serial number or wildcard.

string

Maximum length: 79

interface <name>

Configure name or wildcard of interface to match.

Interface name or wildcard.

string

Maximum length: 79

role

Configure role of interface to match.

option

-

any

Option

Description

any

Match any interface role.

lan

Match interface role lan.

wan

Match interface role wan.

dmz

Match interface role dmz.

undefined

Match interface role undefined.

pool <name>

Configure name of IPAM pool to use.

IPAM pool name.

string

Maximum length: 79

dhcp

Enable/disable DHCP server for matching IPAM interfaces.

option

-

disable

Option

Description

enable

Enable DHCP server on matched IPAM interface.

disable

Disable DHCP server on matched IPAM interface.