Skip to main content
focus11
focus11
New Member
April 1, 2024
Question

Define public IP address

  • April 1, 2024
  • 2 replies
  • 2251 views

Hi,

How can I add all public IP address to the addresses?

2 replies

AEK
SuperUser
AEK
SuperUser
April 1, 2024

Hi @focus11 

If you mean you want to create an address object containing all public IP addresses then you need to create an address group containing the following ranges:

1.0.0.0-9.255.255.255
11.0.0.0-100.63.255.255
100.128.0.0-126.255.255.255
128.0.0.0-169.253.255.255
169.255.0.0-172.15.255.255
172.32.0.0-191.255.255.255
192.0.1.0/24
192.0.3.0-192.88.98.255
192.88.100.0-192.167.255.255
192.169.0.0-198.17.255.255
198.20.0.0-198.51.99.255
198.51.101.0-203.0.112.255
203.0.114.0-223.255.255.255

 

AEK
Guenther
Guenther
New Member
April 3, 2024

This leads to a set of subnets...

 

0.0.0.0/5
8.0.0.0/7
11.0.0.0/8
12.0.0.0/6
16.0.0.0/4
32.0.0.0/3
64.0.0.0/3
96.0.0.0/6
100.0.0.0/10
100.128.0.0/9
101.0.0.0/8
102.0.0.0/7
104.0.0.0/5
112.0.0.0/5
120.0.0.0/6
124.0.0.0/7
126.0.0.0/8
128.0.0.0/3
160.0.0.0/5
168.0.0.0/6
168.0.0.0/8
169.0.0.0/9
169.128.0.0/10
169.192.0.0/11
169.224.0.0/12
169.240.0.0/13
169.248.0.0/14
169.252.0.0/15
172.0.0.0/12
172.32.0.0/11
172.64.0.0/10
172.128.0.0/9
173.0.0.0/8
174.0.0.0/7
176.0.0.0/4
192.0.0.0/9
192.128.0.0/11
192.160.0.0/13
192.169.0.0/16
192.170.0.0/15
192.172.0.0/14
192.176.0.0/12
192.192.0.0/10
193.0.0.0/8
194.0.0.0/7
196.0.0.0/6
200.0.0.0/5
208.0.0.0/4
224.0.0.0/4
240.0.0.0/4

Guenther
Guenther
New Member
April 3, 2024

Or as address object:

 

config firewall address     edit "publicIP_part_1"         set allow-routing enable         set subnet 0.0.0.0/5     next     edit "publicIP_part_2"         set allow-routing enable         set subnet 8.0.0.0/7     next     edit "publicIP_part_3"         set allow-routing enable         set subnet 11.0.0.0/8     next     edit "publicIP_part_4"         set allow-routing enable         set subnet 12.0.0.0/6     next     edit "publicIP_part_5"         set allow-routing enable         set subnet 16.0.0.0/4     next     edit "publicIP_part_6"         set allow-routing enable         set subnet 32.0.0.0/3     next     edit "publicIP_part_7"         set allow-routing enable         set subnet 64.0.0.0/3     next     edit "publicIP_part_8"         set allow-routing enable         set subnet 96.0.0.0/6     next     edit "publicIP_part_9"         set allow-routing enable         set subnet 100.0.0.0/10     next     edit "publicIP_part_10"         set allow-routing enable         set subnet 100.128.0.0/9     next     edit "publicIP_part_11"         set allow-routing enable         set subnet 101.0.0.0/8     next     edit "publicIP_part_12"         set allow-routing enable         set subnet 102.0.0.0/7     next     edit "publicIP_part_13"         set allow-routing enable         set subnet 104.0.0.0/5     next     edit "publicIP_part_14"         set allow-routing enable         set subnet 112.0.0.0/5     next     edit "publicIP_part_15"         set allow-routing enable         set subnet 120.0.0.0/6     next     edit "publicIP_part_16"         set allow-routing enable         set subnet 124.0.0.0/7     next     edit "publicIP_part_17"         set allow-routing enable         set subnet 126.0.0.0/8     next     edit "publicIP_part_18"         set allow-routing enable         set subnet 128.0.0.0/3     next     edit "publicIP_part_19"         set allow-routing enable         set subnet 160.0.0.0/5     next     edit "publicIP_part_20"         set allow-routing enable         set subnet 168.0.0.0/6     next     edit "publicIP_part_21"         set allow-routing enable         set subnet 168.0.0.0/8     next     edit "publicIP_part_22"         set allow-routing enable         set subnet 169.0.0.0/9     next     edit "publicIP_part_23"         set allow-routing enable         set subnet 169.128.0.0/10     next     edit "publicIP_part_24"         set allow-routing enable         set subnet 169.192.0.0/11     next     edit "publicIP_part_25"         set allow-routing enable         set subnet 169.224.0.0/12     next     edit "publicIP_part_26"         set allow-routing enable         set subnet 169.240.0.0/13     next     edit "publicIP_part_27"         set allow-routing enable         set subnet 169.248.0.0/14     next     edit "publicIP_part_28"         set allow-routing enable         set subnet 169.252.0.0/15     next     edit "publicIP_part_29"         set allow-routing enable         set subnet 172.0.0.0/12     next     edit "publicIP_part_30"         set allow-routing enable         set subnet 172.32.0.0/11     next     edit "publicIP_part_31"         set allow-routing enable         set subnet 172.64.0.0/10     next     edit "publicIP_part_32"         set allow-routing enable         set subnet 172.128.0.0/9     next     edit "publicIP_part_33"         set allow-routing enable         set subnet 173.0.0.0/8     next     edit "publicIP_part_34"         set allow-routing enable         set subnet 174.0.0.0/7     next     edit "publicIP_part_35"         set allow-routing enable         set subnet 176.0.0.0/4     next     edit "publicIP_part_36"         set allow-routing enable         set subnet 192.0.0.0/9     next     edit "publicIP_part_37"         set allow-routing enable         set subnet 192.128.0.0/11     next     edit "publicIP_part_38"         set allow-routing enable         set subnet 192.160.0.0/13     next     edit "publicIP_part_39"         set allow-routing enable         set subnet 192.169.0.0/16     next     edit "publicIP_part_40"         set allow-routing enable         set subnet 192.170.0.0/15     next     edit "publicIP_part_41"         set allow-routing enable         set subnet 192.172.0.0/14     next     edit "publicIP_part_42"         set allow-routing enable         set subnet 192.176.0.0/12     next     edit "publicIP_part_43"         set allow-routing enable         set subnet 192.192.0.0/10     next     edit "publicIP_part_44"         set allow-routing enable         set subnet 193.0.0.0/8     next     edit "publicIP_part_45"         set allow-routing enable         set subnet 194.0.0.0/7     next     edit "publicIP_part_46"         set allow-routing enable         set subnet 196.0.0.0/6     next     edit "publicIP_part_47"         set allow-routing enable         set subnet 200.0.0.0/5     next     edit "publicIP_part_48"         set allow-routing enable         set subnet 208.0.0.0/4     next     edit "publicIP_part_49"         set allow-routing enable         set subnet 224.0.0.0/4     next     edit "publicIP_part_50"         set allow-routing enable         set subnet 240.0.0.0/4     next end config firewall addrgrp     edit "publicIPs"         append member "publicIP_part_1"         append member "publicIP_part_2"         append member "publicIP_part_3"         append member "publicIP_part_4"         append member "publicIP_part_5"         append member "publicIP_part_6"         append member "publicIP_part_7"         append member "publicIP_part_8"         append member "publicIP_part_9"         append member "publicIP_part_10"         append member "publicIP_part_11"         append member "publicIP_part_12"         append member "publicIP_part_13"         append member "publicIP_part_14"         append member "publicIP_part_15"         append member "publicIP_part_16"         append member "publicIP_part_17"         append member "publicIP_part_18"         append member "publicIP_part_19"         append member "publicIP_part_20"         append member "publicIP_part_21"         append member "publicIP_part_22"         append member "publicIP_part_23"         append member "publicIP_part_24"         append member "publicIP_part_25"         append member "publicIP_part_26"         append member "publicIP_part_27"         append member "publicIP_part_28"         append member "publicIP_part_29"         append member "publicIP_part_30"         append member "publicIP_part_31"         append member "publicIP_part_32"         append member "publicIP_part_33"         append member "publicIP_part_34"         append member "publicIP_part_35"         append member "publicIP_part_36"         append member "publicIP_part_37"         append member "publicIP_part_38"         append member "publicIP_part_39"         append member "publicIP_part_40"         append member "publicIP_part_41"         append member "publicIP_part_42"         append member "publicIP_part_43"         append member "publicIP_part_44"         append member "publicIP_part_45"         append member "publicIP_part_46"         append member "publicIP_part_47"         append member "publicIP_part_48"         append member "publicIP_part_49"         append member "publicIP_part_50"     next end
rtanagras
Staff & Editor
rtanagras
Staff & Editor
April 1, 2024

Hi @focus11 - @AEK is correct. For bulk creation, you can refer to this.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Creation-and-addition-of-bulk-IP-address-objects/ta-p/241823

Terms & ConditionsAccessibility statement