We would like to enable MAC based internet allow policy for our office premises devices. For kind of your information, We are using the FortiGate 300E firewall supported by you. Please let me know how many devices or MAC can be allowed on the FortiGate 300E firewall.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
@anamulomega wrote:We would like to enable MAC based internet allow policy for our office premises devices. For kind of your information, We are using the FortiGate 300E firewall supported by you. Please let me know how many devices or MAC can be allowed on the FortiGate 300E firewall.
The FortiGate 300E firewall supports up to 10,000 MAC addresses for MAC-based policies. This allows you to create policies that can accommodate a large number of devices in your office premises. Ensure your firewall's configuration and performance requirements align with this capacity for optimal operation.Heating & Cooling In Bowmanville
Hello @anamulomega ,
Thank you for contacting the Fortinet Forum portal.
From the max table value, it looks like you could only have a maximum of 1000 mac address please check below max table
https://docs.fortinet.com/max-value-table
or In the FortiGate cli type print tablesize it gives list of all max values as below article:
Best regards,
Manasa.
If you feel the above steps helped resolve the issue, mark the reply as solved so that other customers can get it easily while searching for similar scenarios.
Hi @anamulomega ,
Please type "print tablesize" on your fortigate 300E CLI and look for "firewall.address:macaddr:" line. It will tell you maximum number of MAC address objects that can be created. However, I was able assign multiple MAC addresses to single (MAC address based) firewall address object during my Lab testing on a Fortigate-VM. Below is the example:
config firewall address
edit "MAC-1"
set uuid fd27b5a2-5da2-51ef-6b29-ff39d1174cc3
set type mac
set macaddr "00:43:68:61:05:02" "00:43:68:61:05:03"
next
end
Maximum value table for FortiOS 7.4.4 and Fortigate 300E shows global limit of 20,000 considering all kind of firewall address objects
Regards,
Ankit
If you have found a solution, please like and accept it to make it easily accessible to others.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.