Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
focus11
New Contributor

Define public IP address

Hi,

How can I add all public IP address to the addresses?

4 REPLIES 4
AEK
SuperUser
SuperUser

Hi @focus11 

If you mean you want to create an address object containing all public IP addresses then you need to create an address group containing the following ranges:

1.0.0.0-9.255.255.255
11.0.0.0-100.63.255.255
100.128.0.0-126.255.255.255
128.0.0.0-169.253.255.255
169.255.0.0-172.15.255.255
172.32.0.0-191.255.255.255
192.0.1.0/24
192.0.3.0-192.88.98.255
192.88.100.0-192.167.255.255
192.169.0.0-198.17.255.255
198.20.0.0-198.51.99.255
198.51.101.0-203.0.112.255
203.0.114.0-223.255.255.255

 

AEK
AEK
Guenther
New Contributor II

This leads to a set of subnets...

 

0.0.0.0/5
8.0.0.0/7
11.0.0.0/8
12.0.0.0/6
16.0.0.0/4
32.0.0.0/3
64.0.0.0/3
96.0.0.0/6
100.0.0.0/10
100.128.0.0/9
101.0.0.0/8
102.0.0.0/7
104.0.0.0/5
112.0.0.0/5
120.0.0.0/6
124.0.0.0/7
126.0.0.0/8
128.0.0.0/3
160.0.0.0/5
168.0.0.0/6
168.0.0.0/8
169.0.0.0/9
169.128.0.0/10
169.192.0.0/11
169.224.0.0/12
169.240.0.0/13
169.248.0.0/14
169.252.0.0/15
172.0.0.0/12
172.32.0.0/11
172.64.0.0/10
172.128.0.0/9
173.0.0.0/8
174.0.0.0/7
176.0.0.0/4
192.0.0.0/9
192.128.0.0/11
192.160.0.0/13
192.169.0.0/16
192.170.0.0/15
192.172.0.0/14
192.176.0.0/12
192.192.0.0/10
193.0.0.0/8
194.0.0.0/7
196.0.0.0/6
200.0.0.0/5
208.0.0.0/4
224.0.0.0/4
240.0.0.0/4

Guenther
New Contributor II

Or as address object:

 

config firewall address
    edit "publicIP_part_1"
        set allow-routing enable
        set subnet 0.0.0.0/5
    next
    edit "publicIP_part_2"
        set allow-routing enable
        set subnet 8.0.0.0/7
    next
    edit "publicIP_part_3"
        set allow-routing enable
        set subnet 11.0.0.0/8
    next
    edit "publicIP_part_4"
        set allow-routing enable
        set subnet 12.0.0.0/6
    next
    edit "publicIP_part_5"
        set allow-routing enable
        set subnet 16.0.0.0/4
    next
    edit "publicIP_part_6"
        set allow-routing enable
        set subnet 32.0.0.0/3
    next
    edit "publicIP_part_7"
        set allow-routing enable
        set subnet 64.0.0.0/3
    next
    edit "publicIP_part_8"
        set allow-routing enable
        set subnet 96.0.0.0/6
    next
    edit "publicIP_part_9"
        set allow-routing enable
        set subnet 100.0.0.0/10
    next
    edit "publicIP_part_10"
        set allow-routing enable
        set subnet 100.128.0.0/9
    next
    edit "publicIP_part_11"
        set allow-routing enable
        set subnet 101.0.0.0/8
    next
    edit "publicIP_part_12"
        set allow-routing enable
        set subnet 102.0.0.0/7
    next
    edit "publicIP_part_13"
        set allow-routing enable
        set subnet 104.0.0.0/5
    next
    edit "publicIP_part_14"
        set allow-routing enable
        set subnet 112.0.0.0/5
    next
    edit "publicIP_part_15"
        set allow-routing enable
        set subnet 120.0.0.0/6
    next
    edit "publicIP_part_16"
        set allow-routing enable
        set subnet 124.0.0.0/7
    next
    edit "publicIP_part_17"
        set allow-routing enable
        set subnet 126.0.0.0/8
    next
    edit "publicIP_part_18"
        set allow-routing enable
        set subnet 128.0.0.0/3
    next
    edit "publicIP_part_19"
        set allow-routing enable
        set subnet 160.0.0.0/5
    next
    edit "publicIP_part_20"
        set allow-routing enable
        set subnet 168.0.0.0/6
    next
    edit "publicIP_part_21"
        set allow-routing enable
        set subnet 168.0.0.0/8
    next
    edit "publicIP_part_22"
        set allow-routing enable
        set subnet 169.0.0.0/9
    next
    edit "publicIP_part_23"
        set allow-routing enable
        set subnet 169.128.0.0/10
    next
    edit "publicIP_part_24"
        set allow-routing enable
        set subnet 169.192.0.0/11
    next
    edit "publicIP_part_25"
        set allow-routing enable
        set subnet 169.224.0.0/12
    next
    edit "publicIP_part_26"
        set allow-routing enable
        set subnet 169.240.0.0/13
    next
    edit "publicIP_part_27"
        set allow-routing enable
        set subnet 169.248.0.0/14
    next
    edit "publicIP_part_28"
        set allow-routing enable
        set subnet 169.252.0.0/15
    next
    edit "publicIP_part_29"
        set allow-routing enable
        set subnet 172.0.0.0/12
    next
    edit "publicIP_part_30"
        set allow-routing enable
        set subnet 172.32.0.0/11
    next
    edit "publicIP_part_31"
        set allow-routing enable
        set subnet 172.64.0.0/10
    next
    edit "publicIP_part_32"
        set allow-routing enable
        set subnet 172.128.0.0/9
    next
    edit "publicIP_part_33"
        set allow-routing enable
        set subnet 173.0.0.0/8
    next
    edit "publicIP_part_34"
        set allow-routing enable
        set subnet 174.0.0.0/7
    next
    edit "publicIP_part_35"
        set allow-routing enable
        set subnet 176.0.0.0/4
    next
    edit "publicIP_part_36"
        set allow-routing enable
        set subnet 192.0.0.0/9
    next
    edit "publicIP_part_37"
        set allow-routing enable
        set subnet 192.128.0.0/11
    next
    edit "publicIP_part_38"
        set allow-routing enable
        set subnet 192.160.0.0/13
    next
    edit "publicIP_part_39"
        set allow-routing enable
        set subnet 192.169.0.0/16
    next
    edit "publicIP_part_40"
        set allow-routing enable
        set subnet 192.170.0.0/15
    next
    edit "publicIP_part_41"
        set allow-routing enable
        set subnet 192.172.0.0/14
    next
    edit "publicIP_part_42"
        set allow-routing enable
        set subnet 192.176.0.0/12
    next
    edit "publicIP_part_43"
        set allow-routing enable
        set subnet 192.192.0.0/10
    next
    edit "publicIP_part_44"
        set allow-routing enable
        set subnet 193.0.0.0/8
    next
    edit "publicIP_part_45"
        set allow-routing enable
        set subnet 194.0.0.0/7
    next
    edit "publicIP_part_46"
        set allow-routing enable
        set subnet 196.0.0.0/6
    next
    edit "publicIP_part_47"
        set allow-routing enable
        set subnet 200.0.0.0/5
    next
    edit "publicIP_part_48"
        set allow-routing enable
        set subnet 208.0.0.0/4
    next
    edit "publicIP_part_49"
        set allow-routing enable
        set subnet 224.0.0.0/4
    next
    edit "publicIP_part_50"
        set allow-routing enable
        set subnet 240.0.0.0/4
    next
end
config firewall addrgrp
    edit "publicIPs"
        append member "publicIP_part_1"
        append member "publicIP_part_2"
        append member "publicIP_part_3"
        append member "publicIP_part_4"
        append member "publicIP_part_5"
        append member "publicIP_part_6"
        append member "publicIP_part_7"
        append member "publicIP_part_8"
        append member "publicIP_part_9"
        append member "publicIP_part_10"
        append member "publicIP_part_11"
        append member "publicIP_part_12"
        append member "publicIP_part_13"
        append member "publicIP_part_14"
        append member "publicIP_part_15"
        append member "publicIP_part_16"
        append member "publicIP_part_17"
        append member "publicIP_part_18"
        append member "publicIP_part_19"
        append member "publicIP_part_20"
        append member "publicIP_part_21"
        append member "publicIP_part_22"
        append member "publicIP_part_23"
        append member "publicIP_part_24"
        append member "publicIP_part_25"
        append member "publicIP_part_26"
        append member "publicIP_part_27"
        append member "publicIP_part_28"
        append member "publicIP_part_29"
        append member "publicIP_part_30"
        append member "publicIP_part_31"
        append member "publicIP_part_32"
        append member "publicIP_part_33"
        append member "publicIP_part_34"
        append member "publicIP_part_35"
        append member "publicIP_part_36"
        append member "publicIP_part_37"
        append member "publicIP_part_38"
        append member "publicIP_part_39"
        append member "publicIP_part_40"
        append member "publicIP_part_41"
        append member "publicIP_part_42"
        append member "publicIP_part_43"
        append member "publicIP_part_44"
        append member "publicIP_part_45"
        append member "publicIP_part_46"
        append member "publicIP_part_47"
        append member "publicIP_part_48"
        append member "publicIP_part_49"
        append member "publicIP_part_50"
    next
end
rtanagras
Staff
Staff

Hi @focus11 - @AEK is correct. For bulk creation, you can refer to this.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Creation-and-addition-of-bulk-IP-address-o...

Best,
Ricky
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors