Create an address object to group IP addresses or specify
an FQDN, and then reference the address object in a firewall policy
rule, filter, or other function to avoid specifying multiple IP
addresses in multiple places.
Create Address Objects to represent
one or more IP addresses and then reference the address objects
in one or more policy rules, filters, or other firewall functions.
If you want to change the set of addresses, you change an address
object once rather than change multiple policy rules or filters,
which reduces your operational overhead.
Create an address object.
address object by
. The name is case-sensitive,
must be unique, and can be up to 63 characters (letters, numbers,
spaces, hyphens, and underscores).
—Specify a single
IPv4 or IPv6 address, an IPv4 network with slash notation, or an
IPv6 address and prefix. For example, 192.168.80.0/24 or 2001:db8:123:1::/64.
to see the associated
FQDN (based on the DNS configuration of the firewall or Panorama).
To change the address object type from
select the FQDN and click
Use this FQDN
the FQDN you select appears in the text field.
—Specify a range of IPv4 addresses
or IPv6 addresses separated by a hyphen. For example, 192.168.40.1-192.168.40.255
IP Wildcard Mask
—Specify an IP wildcard
address (IPv4 address followed by a slash and a mask, which must
begin with a 0). For example, 10.5.1.1/0.127.248.2. A zero (
in the mask indicates the bit being compared must match the bit
in the IP address that is covered by the zero. A one (
in the mask (wildcard bit) indicates the bit being compared need
not match the bit in the IP address covered by the one.
—Specify the domain name. The FQDN
initially resolves at commit time. The firewall subsequently refreshes
the FQDN based on the time-to-live (TTL) of the FQDN in DNS, as
long as the TTL is greater than or equal to the
Minimum FQDN Refresh Time
configure (or the default of 30 seconds). The FQDN is resolved by
the system DNS server or a DNS proxy object, if a proxy is configured.
to see the associated IP address
(based on the DNS configuration of the firewall or Panorama). To
change the address object type from FQDN to IP Netmask, select an
IP Netmask and click
Use this address
and the IP address you select
appears in the text field.