Objects > Addresses
An address object can include either IPv4 or IPv6 addresses (a single IP address, a range of addresses, or a subnet), an FQDN, or a wildcard address (IPv4 address followed by a slash and wildcard mask). An address object allows you to reuse that same address or group of addresses as a source or destination address in policy rules, filters, and other firewall functions without adding each address manually for each instance. You create an address object using the web interface or CLI; changes require a commit operation to make the object a part of the configuration.
First Add a new address object and then specify the following values:
Address Object Settings
Enter a name (up to 63 characters) that describes the addresses you will include as part of this object. This name appears in the address list when defining security policy rules. The name is case-sensitive, must be unique, and can contain only letters, numbers, spaces, hyphens, and underscores.
Select this option if you want to share this address object with:
Disable override (Panorama only)
Select this option to prevent administrators from overriding the settings of this address object in device groups that inherit this object. By default, this selection is disabled, which means administrators can override the settings for any device group that inherits the object.
Enter a description for the object (up to 1,023 characters).
Specify the type of address object and the entry:
After selecting the address type and entering an IP address or FQDN, click Resolve to see the associated FQDN or IP addresses, respectively (based on the DNS configuration of the firewall or Panorama).
You can change an address object from an FQDN to an IP Netmask or vice versa. To change from an FQDN to an IP Netmask, click Resolve to see the IP addresses that the FQDN resolves to, then select one and Use this address. The address object Type dynamically changes to IP Netmask and the IP address you selected appears in the text field.
Alternatively, to change an address object from an IP Netmask to an FQDN, click Resolve to see the DNS name that the IP Netmask resolves to, then select the FQDN and Use this FQDN. The Type changes to FQDN and the FQDN appears in the text field.
Select or enter the tags that you want to apply to this address object. You can define a tag here or use the Objects > Tags tab to create new tags.
An address object is a set of IP addresses that you can manage in one place and then use in multiple firewall policy rules, filters, ...
Create an Address Object
Create an address object to group IP addresses or specify an FQDN, and then reference the address object in a firewall policy rule, filter, or ...
Wildcard Address Support in Security Policy Rules
Specify an address object that uses a wildcard address (IPv4 address/wildcard mask) as the source or destination of a Security policy rule to control access ...
Configure Destination NAT Using Dynamic IP Addresses
Configure Destination NAT Using Dynamic IP Addresses You can use Destination NAT to translate the original destination address to a destination host or server that ...
Enable Clients on the Internal Network to Access your Publi...
Enable Clients on the Internal Network to Access your Public Servers (Destination U-Turn NAT) When a user on the internal network sends a request for ...
Advanced Session Distribution Algorithms for Destination NAT
When a destination NAT address is a dynamic IP address that returns more than one address, select the method the firewall uses to distribute incoming ...
PA-7000 Series Layer 3 Interface
PA-7000 Series Layer 3 Interface Network > Interfaces > Ethernet To configure a Layer 3 interface, select an interface (ethernet1/1, for example) and specify the ...