To configure a MAC address range using the GUI:
Go to Policy & Objects -> Addresses to create or edit an address.
- For Category, select 'Address'.
- For Type, select 'MAC Address Range' and enter the address range.
- Enter the other fields and click 'OK'.1) Go to Policy & Objects -> IPv4 Policy to apply the address type to a policy in NAT mode VDOM.
In NAT mode VDOM, this address type cannot be used as destination address.To configure a MAC address range using the CLI:Create a new MAC address range type.#config firewall addressApply the address type to a policy.
edit <object_name>
set type mac
set start-mac <mac_address_start #>
set end-mac <mac_address_end #>
next
endIn Transparent mode or Virtual Wire Pair interface, this address type can be mixed with other address types in the policy.#config firewall address
edit "test-mac-addr1"
set type mac
set start-mac 00:0c:29:41:98:88
set end-mac 00:0c:29:41:98:88
next
end
#config firewall policy
edit 1
set srcintf "port2"
set dstintf "port1"
set srcaddr "test-mac-addr1" "10-1-100-42"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
set nat enable
next
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.