|
A list of MAC addresses is quintessential. For this article, the following MAC addresses will be used:
- 00:1A:2B:3C:4D:5E
- 1A:2B:3C:4D:5E:6F
- 3C:4D:5E:6F:7A:8B
- 7A:8B:9C:1D:2E:3F
- 9C:1D:2E:3F:4A:5B
- 5E:6F:7A:8B:9C:1D
- A1:B2:C3:D4:E5:F6
- D4:E5:F6:A1:B2:C3
- 56:34:12:98:67:EF
- 34:56:78:90:AB:CD
Make sure there are no duplicate entries. Use Microsoft Excel to remove them: Technical Tip: Creation and addition of bulk IP address objects)
Use any text editor such as Notepad++ that is capable of doing text searches using regular expressions. Paste all the MAC addresses in the text editor. andbring the replace window (Ctrl+H)
Under 'Find what' use regex without quotes:
- ((([a-zA-z0-9]{2}[-:]){5}([a-zA-z0-9]{2}))|(([a-zA-z0-9]{2}:){5}([a-zA-z0-9]{2})))
For 'Replace with': edit MACaddr-$1\n set type mac\n set mac $1\nnext\n
Either select 'Replace' or 'Replace All' (Ctrl+a) to change all the MAC addresses:
edit MACaddr-00:1A:2B:3C:4D:5E
set type mac
set mac 00:1A:2B:3C:4D:5E
next
edit MACaddr-1A:2B:3C:4D:5E:6F
set type mac
set mac 1A:2B:3C:4D:5E:6F
next
edit MACaddr-3C:4D:5E:6F:7A:8B
set type mac
set mac 3C:4D:5E:6F:7A:8B
next
edit MACaddr-7A:8B:9C:1D:2E:3F
set type mac
set mac 7A:8B:9C:1D:2E:3F
next
edit MACaddr-9C:1D:2E:3F:4A:5B
set type mac
set mac 9C:1D:2E:3F:4A:5B
next
edit MACaddr-5E:6F:7A:8B:9C:1D
set type mac
set mac 5E:6F:7A:8B:9C:1D
next
edit MACaddr-A1:B2:C3:D4:E5:F6
set type mac
set mac A1:B2:C3:D4:E5:F6
next
edit MACaddr-D4:E5:F6:A1:B2:C3
set type mac
set mac D4:E5:F6:A1:B2:C3
next
edit MACaddr-56:34:12:98:67:EF
set type mac
set mac 56:34:12:98:67:EF
next
edit MACaddr-34:56:78:90:AB:CD
set type mac
set mac 34:56:78:90:AB:CD
next
Note:
- Do add at the top: 'config firewall address'.
- At the bottom: 'end'.
- If the device has multi-VDOM enabled then defining the VDOM is mandatory:
config vdom
edit <vdom_name>
config firewall address
Adding these MACs to the FortiGate can be done in two ways:
- Copy the entire text to the CLI console on the FortiGate.
- Upload via CLI script: Configuration Scripts
|
