Fortigate 200B - Invalid IP Address Range when trying to create

We have a Fortigate 200B firewall and we have 2 active WAN connections from different providers. This is not for fault tolerance but more to load balance traffic from some computers to use WAN1 and some to use WAN2. I am trying to create a policy route and for the source address I want to add the range 10.10.128.101-10.10.128.130. I have tried putting it in like that but I get an error Invalid IP Range (see pic). I have also tried putting in as 10.10.128.[101-130] and it show an error with what looks like an example to the side of 192.168.1.0/24, 172.16.1.1-172.16.1.20  (see pic) The version of the software I have is v5.2.10, build742 (GA). Any ideas what I am doing wrong ? I have tried 10.10.128.101-10.10.128.130 and 10.10.128.101 - 10.10.128.130 and 10.10.128.101 -10.10.128.130.
error2.jpg
error1.jpg
GenieMasterAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Aaron TomoskySD-WAN SimplifiedCommented:
I bet it wants cidr notation. Try
10.10.128.96/27
That will give you 96-127
0
Garry GlendownConsulting and Network/Security SpecialistCommented:
Policy routing configuration does not permit IP ranges ... you can only use them in address objects ...
For your above range, you will need to create multiple entries with:

10.10.128.101/32
10.10.128.102/31
10.10.128.104/29
10.10.128.112/28
10.10.128.128/31
10.10.128.130/32

Or, you could select using some subnet which saves you the work of putting all those partial networks in there, like Aaron wrote ... ;)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GenieMasterAuthor Commented:
I was hoping in not having to define subnet masks to allocate the range required. So silly Fortinet for not allowing the entry of an IP Range. Even though if you add an invalid entry it shows you an example that an IP Range can be added..
You can not even add another line, you need to add all of the subnet mask entries into 1 line. Thanks for your answers, it seems that this is the only way to do for now.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Fortigate

From novice to tech pro — start learning today.