Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tiktok
New Contributor

No dumb question: Firewall IPv4 address object

the format/syntax for creating an address object on FortiGate (5.x and 6.x) is 

 

Name:

Subnet/IP range:

 

Do you put the IP in the name?

 

If not then would the "Subnet/IP range:" be the place to put the actual IP? and if so would the following be correct syntax ?

 

192.168.10.10/32

or

192.168.10.10 255.255.255.255 

 

 

Thanks in advance

 

 

1 Solution
brycemd
Contributor II

The name is just for your reference.

 

Subnet can be either cidr or full mask:

 

192.168.10.10/32 192.168.10.10/255.255.255.255

 

Or, an IP Range:

192.168.10.10-192.168.10.40

View solution in original post

4 REPLIES 4
brycemd
Contributor II

The name is just for your reference.

 

Subnet can be either cidr or full mask:

 

192.168.10.10/32 192.168.10.10/255.255.255.255

 

Or, an IP Range:

192.168.10.10-192.168.10.40

tiktok
New Contributor

Looks like ive been doing it wrong the whole time....................lots fo work to do :) lol

Toshi_Esumi

BTW, name is not only for human reading, but other part like FW policies refer to it. "set comment <comments>" is only for human reference.

ede_pfau

Yap, you can use an address object in a static route...so choose wisely.

 

I use hostnames for hosts (/32), "net-XXX" for subnets, "net-<city>" for VPN remote subnets etc. Just as examples.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors