Configuring IP Pools

Port Block Allocation

7. For the External IP Range fields, enter the lowest and highest addresses in the range. If you only want a single address used, enter the same address in both fields.

8. In the Block Size field, either type in the value or use the up or down arrows to set the value of the block size.

9. In the Blocks Per User field, either type in the value or use the up or down arrows to set the value for the number of blocks per user.

10. Enable the ARP Reply field by making sure there is a check in the box

11. Select OK

 

Port Block Allocation Example for GUI

In this example,an small ISP is setting up NATing for its clients, but to be fair it is putting some restrictions on the number of connections each client can have so that no one hogs all of the possible ports and addresses.The external interface is port12.

Field                                                    Value

IP Pool Type                                           IPv4 Pool

Name                                                      Client-IPPool

Comments                                              IP Pool for clients to access the Internet

Type                                                        Port Block Allocation

External IP Range                                   10.23.75.5 – 10.23.75.200

Block Size                                               64

Blocks Per User                                       8

ARP Reply                                              enabled

 

Port Block Allocation Example for CLI

config firewall ippool edit Client-IPPool

set comments “IP Pool for clients to access the Internet” set type port-block-allocation

set startip 10.23.75.5 set endip 10.23.75.200 set block-size 64

set num-blocks-per-user 8 set permit-any-host disable set arp-intf wan1

set arp-reply enableset arp-intf port12

end

 

Creating a IPv6 Pool

1. Go to Policy & Objects > IP Pools.

2. Select Create New.

3. In the IP Pool Type field choose IPv6 Pool

4. Enter a name in the Name field for the new service

5. Include any description you would like in the Comments field

6. For the External IP Range fields, enter the lowest and highest addresses in the range.

 

 

IPv6 Example for GUI

In this example,there is a similar situation to the One-to-one example earlier.There is a mail server that needs to be resolved to a specific IP address in Reverse DNS look-ups. The difference in this case is the company is an early adopter of IPv6 connectivity to the Internet.

Field                                       Value

IP Pool Type                              IPv6 Pool

Name                                         Mail-svr-ipv6

Comments                                Registered IPv6 address for mail server

External IP Range                     fd2f:50ec:cdea:0663::1025 – fd2f:50ec:cdea:0663::1025

 

 

Port Block Allocation Example for CLI

config firewall ippool6 edit Mail-svr-ipv6

set comments “Registered IPv6 address for mail server” set startip fd2f:50ec:cdea:663::102

set endip fd2f:50ec:cdea:663::1025 end


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

One thought on “Configuring IP Pools

  1. Cj

    what’s the definition of user in “block per user”?
    an IP address of a user or the username?
    how does fgt differentiate the user?
    Thanks,

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.