SonicOS 7 Match Objects
- SonicOS 7
- Zones
- How Zones Work
- Predefined Zones
- Security Types
- Allow Interface Trust
- Enabling SonicWall Security Services on Zones
- Effect of Wireless and Non-Wireless Controller Modes
- Match Objects > Zones
- The Zone Settings Table
- Adding a New Zone
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring a Zone for Captive Portal Authentication with RADIUS
- Configuring a Zone for Customized Policy Message
- Configuring a Zone for Customized Login Page
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Deleting a Zone
- Addresses
- Types of Address Objects
- About Address Groups
- About UUIDs for Address Objects and Groups
- Addresses Page
- Default Address Objects and Groups
- Default Pref64 Address Object
- Default Rogue Address Groups
- Adding an Address Object
- Editing Address Objects
- Deleting Custom Address Objects
- Purging MAC or FQDN Address Objects
- Creating Address Groups
- Editing Address Groups
- Deleting Address Groups
- Working with Dynamic Address Objects
- Services
- About Default Service Objects and Groups
- Predefined IP Protocols for Custom Service Objects
- Adding Service Objects using Predefined Protocols
- Adding Custom IP Type Services
- Editing Custom Service Objects
- Deleting Custom Service Objects
- Adding Custom Service Groups
- Editing Custom Service Groups
- Deleting Custom Service Groups
- URI Lists
- Match Objects
- Schedules
- Dynamic Group
- Email Addresses
- SonicWall Support
About the Dynamic External Address Group File
The Dynamic External Address Group file (DEAG file) contains a list of IP addresses or Fully Qualified Domain Names (FQDNs) that define the DEAOs which are members of the DEAG. The DEAG file resides externally, on a server for FTP access or on a web page at a specific URL for HTTPS access. The list of IP addresses or FQDNs can be modified at the external location and the associated DEAOs and DEAG in SonicOS are dynamically updated with those changes, if configured to periodically download the file.
The DEAG file can contain a text list of either IP addresses or FQDNs formatted as follows:
- A list of IP addresses, one per line. It can include subnets specified in CIDR format.
- A list of FQDNs, one per line. An FQDN is a character string such as www.example.com. It cannot contain any wildcard (*) characters.
-
A mixed list of FQDNs and IP addresses/subnets, one per line. This is only supported for FQDN type DEAGs. A non-FQDN type DEAG will not accept FQDNs in the DEAG file.
However, it is not recommended to mix and match IP addresses and FQDNs in the DEAG file, because the IP addresses in this list will also be treated as FQDNs and SonicOS will attempt to resolve them. A better way to mix these input types is to create individual DEAGs of FQDN type and non-FQDN type and then add both DEAGs to a separate address group for use in access rules.
For every DEAG, a DEAO with the IP address 0.0.0.0 is automatically created. For example, if there is only one DEAG, the maximum number of IP addresses in the DEAG file is one less than the maximum number of DEAOs allowed, as defined in DEAG and DEAO Maximums.
Was This Article Helpful?
Help us to improve our support portal