Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Understanding Address Objects in SonicOS

04/21/2021 1,464 People found this article helpful 213,860 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    Address Objects are one of four object classes (address, user, service, and schedule) in SonicOS Enhanced. These address objects allow for entities to be defined one time, and to be re-used in multiple referential instances throughout the SonicOS interface.

    EXAMPLE:Take an internal Web-Server with an IP address of 223.228.190.209. Rather than repeatedly typing in the IP address when constructing Access Rules or NAT Policies, Address Objects allow you to create a single entity called My Web Serveras a Hostaddress object with an IP address of 223.228.190.209.

    This Address Object, My Web Server can then be easily and efficiently selected from a drop-down menu in any configuration screen that employs Address Objects as a defining criterion.

    Resolution

    To create an Address object, you need to Navigate to Manage | Policies | Objects | Address Object and click Add  underneath Address Object.
    Image

    • Host:
      Host Address Objects define a single host by its IP address. The Netmask for a Host Address Object will automatically be set to 32-bit (255.255.255.255) to identify it as a single host.
       EXAMPLE: My Web Server with an IP address of 223.228.190.209 and a default Netmask of 255.255.255.255.
    • Range:
        Range Address Objects define a range of contiguous IP addresses. No Netmask is associated with Range Address Objects, but internal logic generally treats each member of the specified range as a 32-bit masked Host object.

       EXAMPLE: My Public Servers with an IP address starting value of 223.228.190.210 and an ending value of  223.228.190.214 . All 5 individual host addresses in this range would be comprised by this Range Address Object.

    • Network: 
       Network Address Objects are like Range objects in that they comprise multiple hosts, but rather than being bound by specified upper and lower range delimiters, the boundaries are defined by a valid Netmask. Network Address Objects must be defined by the network's address and a corresponding Netmask.

       EXAMPLE: My Public Network with a Network Value of 223.228.190.208 and a Netmask of 255.255.255.248 would comprise addresses from 223.228.190.208 through to 223.228.190.215. As a general rule, the first address in a network (the network address) and the last address in a network (the broadcast address) are unusable.

    • FQDN: 
       
      FQDN address objects allow for the identification of a host by its Fully Qualified Domain Names (FQDN), such as  www.SonicWall.com. FQDNs are be resolved to their IP address (or IP addresses) using the DNS server configured on the security appliance. Wildcard entries are supported through the gleaning of responses to queries sent to the sanctioned DNS servers.
    • MAC Address:
       
      MAC Address Objects allow for the identification of a host by its hardware address or MAC (Media Access Control) address. MAC addresses are uniquely assigned to every piece of wired or wireless networking device by their hardware manufacturers, and are intended to be immutable. MAC addresses are 48-bit values that are expressed in 6 byte hex-notation. For example "My Access Point" with a MAC address of "C0:EA:E4:00:C2:E8". MAC addresses are resolved to an IP address by referring to the ARP cache on the security appliance MAC address objects are used by various components of Wireless configurations throughout SonicOS.


    Address Object Groups:
     

    SonicOS Enhanced has the ability to group Address Objects into Address Object Groups. Groups of Address Objects can be defined to introduce further referential efficiencies. Groups can comprise any combination of Host, Range, or Network address objects. MAC address Objects should be grouped separately, although they can safely be added to Groups of IPbased Address Objects, where they will be ignored when their reference is contextually irrelevant (e.g. in a NAT Policy). 

    EXAMPLE: My Public Group can contain Host Address Object My Web Server and Range Address Object My Public Servers, effectively representing IP address 223.228.190.210 and IP addresses 223.228.190.211 to 223.228.190.214.

    Creating Group Address Objects:

    • Navigate to Manage | Policies | Objects |Address Objects | Address Groups.
    • Click Add to display the Add Address Object Group window.
    • Create a name for the group in the Name field.
    • Select the Address Object from the list and click the right arrow. It is added to the group.
    • Clicking while pressing the Ctrl key allows you to select multiple objects.
    • Click OK.
      Image

    Resolution for SonicOS 6.2 and Below

    The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

    To create an Address object, you need to Navigate to Network | Address object and click Add underneath Address Object.
    Image

    • Host :
       Host Address Objects define a single host by its IP address. The Netmask for a Host Address Object will automatically be set to 32-bit (255.255.255.255) to identify it as a single host.

      EXAMPLE: My Web Server with an IP address of 223.228.190.209 and a default Netmask of 255.255.255.255.

    • Range:
        Range Address Objects define a range of contiguous IP addresses. No Netmask is associated with Range Address Objects, but internal logic generally treats each member of the specified range as a 32-bit masked Host object.

      EXAMPLE: My Public Servers with an IP address starting value of 223.228.190.210 and an ending value of  223.228.190.214 . All 5 individual host addresses in this range would be comprised by this Range Address Object.

    • Network:
       Network Address Objects are like Range objects in that they comprise multiple hosts, but rather than being bound by specified upper and lower range delimiters, the boundaries are defined by a valid Netmask. Network Address Objects must be defined by the network's address and a corresponding Netmask.

      EXAMPLE: My Public Network with a Network Value of 223.228.190.208 and a Netmask of 255.255.255.248 would comprise addresses from 223.228.190.208 through to 223.228.190.215. As a general rule, the first address in a network (the network address) and the last address in a network (the broadcast address) are unusable.

    • FQDN:
       
      FQDN address objects allow for the identification of a host by its Fully Qualified Domain Names (FQDN), such as  www.SonicWall.com. FQDNs are be resolved to their IP address (or IP addresses) using the DNS server configured on the security appliance. Wildcard entries are supported through the gleaning of responses to queries sent to the sanctioned DNS servers.
    • MAC Address:
       
      MAC Address Objects allow for the identification of a host by its hardware address or MAC (Media Access Control) address. MAC addresses are uniquely assigned to every piece of wired or wireless networking device by their hardware manufacturers, and are intended to be immutable. MAC addresses are 48-bit values that are expressed in 6 byte hex-notation. For example "My Access Point" with a MAC address of "C0:EA:E4:00:C2:E8". MAC addresses are resolved to an IP address by referring to the ARP cache on the security appliance MAC address objects are used by various components of Wireless configurations throughout SonicOS.
       


    Address Object Groups:
     
    SonicOS Enhanced has the ability to group Address Objects into Address Object Groups. Groups of address objects can be defined to introduce further referential efficiencies. Groups can comprise any combination of Host, Range, or Network address objects. MAC address Objects should be grouped separately, although they can safely be added to Groups of IPbased Address Objects, where they will be ignored when their reference is contextually irrelevant (e.g. in a NAT Policy).

    EXAMPLE: My Public Group can contain Host Address Object My Web Server and Range Address Object My Public Servers, effectively representing IP address 223.228.190.210 and IP addresses 223.228.190.211 to 223.228.190.214.

    Creating Group Address Objects:

    • Navigate to Network | Address Objects.
    • Click Add Group to display the Add Address Object Group window.
    • Create a name for the group in the Name field.
    • Select the Address Object from the list and click the right arrow. It is added to the group.
    • Clicking while pressing the Ctrl key allows you to select multiple objects.
    • Click OK.
      Image

    Related Articles

    • Bandwidth usage and tracking in SonicWall
    • How to force an update of the Security Services Signatures from the Firewall GUI
    • Configure Guest VLAN in the TZ firewall, for guest users to access Internet only.

    Categories

    • Firewalls > NSa Series > Networking
    • Firewalls > TZ Series > Networking
    • Firewalls > NSv Series > Networking

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2023 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top