228
01-28006-0010-20041105
Fortinet Inc.
IP pool
Firewall
Virtual IP has the following options.
Configuring IP pools
To add an IP pool
1
Go to
Firewall > IP Pool
.
2
Select the interface to which to add the IP pool.
You can select a firewall interface or a VLAN subinterface.
3
Select Create New.
4
Enter the IP Range for the IP pool.
The IP range defines the start and end of an address range. The start of the range
must be lower than the end of the range. The start and end of the range must be on
the same subnet as the IP address of the interface to which you are adding the IP
pool.
5
Select OK.
To delete an IP pool
1
Go to
Firewall > IP Pool
.
2
Select the Delete icon beside the IP pool you want to delete.
3
Select OK.
To edit a IP pool
1
Go to
Firewall > IP Pool
.
2
For the IP pool that you want to edit, select Edit beside it.
3
Modify the IP pool as required.
4
Select OK to save the changes.
IP Pools for firewall policies that use fixed ports
Some network configurations do not operate correctly if a NAT policy translates the
source port of packets used by the connection. NAT translates source ports to keep
track of connections for a particular service. You can select fixed port for NAT policies
to prevent source port translation. However, selecting fixed port means that only one
connection can be supported through the firewall for this service. To be able to
support multiple connections, you can add an IP pool to the destination interface, and
then select dynamic IP pool in the policy. The firewall randomly selects an IP address
from the IP pool and assigns it to each connection. In this case the number of
connections that the firewall can support is limited by the number of IP addresses in
the IP pool.
Interface
Select the interface to which to add an IP pool.
Name
Enter a name for the IP pool.
IP Range/Subnet
Enter the IP address range for the IP pool.
Summary of Contents for FortiGate 3000
Page 18: ...Contents 18 01 28006 0010 20041105 Fortinet Inc ...
Page 52: ...52 01 28006 0010 20041105 Fortinet Inc Changing the FortiGate firmware System status ...
Page 78: ...78 01 28006 0010 20041105 Fortinet Inc FortiGate IPv6 support System network ...
Page 86: ...86 01 28006 0010 20041105 Fortinet Inc Dynamic IP System DHCP ...
Page 116: ...116 01 28006 0010 20041105 Fortinet Inc FortiManager System config ...
Page 122: ...122 01 28006 0010 20041105 Fortinet Inc Access profiles System administration ...
Page 252: ...252 01 28006 0010 20041105 Fortinet Inc CLI configuration Users and authentication ...
Page 390: ...390 01 28006 0010 20041105 Fortinet Inc Glossary ...
Page 398: ...398 01 28006 0010 20041105 Fortinet Inc Index ...