Creating an address via the CLI
- Open the FortiOS CLI with admin credentials.
config firewall address.
- The prompt becomes the FortiGate hostname and (address)$. Enter
edit <address_name>to create an address. For example, if the address name is jkatoociaddress002, enter
- Configure the address as a Fabric connector supporting element:
set type dynamic.
set sdn oci.
- Configure the filter. Only IP addresses belonging to the specified filter that matches the condition are automatically populated and updated by the Fabric connector. OCI connectors support the following filters:
'vm_name=<vm name>': This matches a VM instance name.
'tag.<key>=<value>': This matches a freeform tag key and its value.
'instance_id=<instance id>': This matches an instance OCID.
'definedtag.<namespace>.<key>=<value>': This matches a tag namespace, tag key, and its value.
In this example, let's use
'tag.<key>=<value>', populating IP addresses of instances that have the "jkatoinstance" tag name with the "demomachine" value. Enter
set filter tag.jkatoinstance=demomachine. Entering
next endsaves the configuration and returns to the original indentation you started with.
You can set filtering conditions using multiple entries with AND ("&") or OR ("|"). When both AND and OR are specified, AND is interpreted first, then OR.
You can check the syntax by entering
set filter ?
For example, you can enter
"tag.<key>=<value> & vm_name=<vm name>". In this case, IP addresses of instances that match both the tag and VM machine name are populated and updated by the SDN Connector. Filter values do not allow wildcards (such as asterisks).
- After a few minutes, the new Address will take effect. Repeat steps 1-3, then enter
show. You can see the list of IP addresses that have been populated.