SonicOS 7 Match Objects
Adding a Dynamic External Object
To add a Dynamic External Object
- Navigate to Object > Match Objects > Dynamic Group page.
Click the Add button. The Add Dynamic External Object dialog displays.
- Enter a unique, descriptive name for the dynamic external address group in the Name field. “DEAG_” is automatically prepended to the name when saved.
- The Type field is set to Address Group, with no other options.
- In the Zone Assignment drop-down list, select the zone for the Dynamic External Address Group.
- Select the Enable Periodic Download option for ongoing, periodic downloads of the Dynamic Address Group File.
If Enable Periodic Download is enabled, select the number of minutes or hours between downloads in the Download interval field. You can select one of:
- 5 minutes
- 15 minutes
- 1 hour
- 24 hours
- Select the type of protocol to use for downloading the DEAG file from the protocol drop-down list. The choices are FTP or HTTPS. The remaining fields in the dialog are different for FTP and HTTPS.
If you selected FTP as the protocol, specify the following:
If you selected HTTPS as the protocol, specify the following:
- Click Save.
Based on the configuration, the firewall reads the list of IP addresses or FQDNs from the file or URL. Then SonicOS automatically creates the following:
- Address group with the name provided in the Add Dynamic External Object dialog. This address group is read-only, meaning that you cannot edit or delete it.
- Address objects for every valid unique IP address or FQDN in the file. These address objects are also read-only.
The individual address objects are then added to the Dynamic External Address Group / Dynamic External Object. You can use this in access rules and policies.
Was This Article Helpful?
Help us to improve our support portal