Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ChrisTan
Staff
Staff

Created on ‎11-16-2022 10:17 PM Edited on ‎10-19-2023 09:56 PM By Community Manager

Article Id 230121

Technical Tip: FortiGate can create max 32 secondary IP address per interface.

Description This article describes that FortiGate can only allow a maximum of 32 secondary IP addresses per interface.
Scope FortiGate.
Solution

Sometimes, FortiGate needs to apply multiple secondary IP addresses, especially in the cloud environment.

 

A maximum of 32 secondary IP addresses can be created for each interface.

 

The message 'Command fail. Return code -4 (reached the maximum number of entries)' will appear if more than 32 are added.

 

Enable port forwarding if there are more than 32 internal IP addresses to map.

 

Note:

The maximum number of secondary IPs on each interface has been extended to 256 on FOS v7.2.4 and later versions.

 

Refer to the following page for more details:

Maximum Values Table
3067
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.