• SonicOS 7
• Zones
  • How Zones Work
  • Predefined Zones
  • Security Types
  • Allow Interface Trust
  • Enabling SonicWall Security Services on Zones
  • Effect of Wireless and Non-Wireless Controller Modes
    • Effects of Enabling Non-Wireless Controller Mode
    • Effects of Enabling Wireless Controller Mode
  • Match Objects > Zones
    • The Zone Settings Table
    • Adding a New Zone
    • Configuring a Zone for Guest Access
    • Configuring a Zone for Open Authentication and Social Login
    • Configuring a Zone for Captive Portal Authentication with RADIUS
    • Configuring a Zone for Customized Policy Message
    • Configuring a Zone for Customized Login Page
    • Configuring the WLAN Zone
    • Configuring the RADIUS Server
    • Configuring DPI-SSL Granular Control per Zone
    • Enabling Automatic Redirection to the User-Policy Page
    • Deleting a Zone
• Addresses
  • Types of Address Objects
  • About Address Groups
  • About UUIDs for Address Objects and Groups
  • Addresses Page
    • Common Features
      • Common Functions
      • Common Column Headings
    • Sorting the Entries
  • Default Address Objects and Groups
  • Default Pref64 Address Object
  • Default Rogue Address Groups
  • Adding an Address Object
  • Editing Address Objects
  • Deleting Custom Address Objects
  • Purging MAC or FQDN Address Objects
  • Creating Address Groups
  • Editing Address Groups
  • Deleting Address Groups
  • Working with Dynamic Address Objects
    • Key Features of Dynamic Address Objects
    • Enforcing the Use of Sanctioned Servers on the Network
    • Using MAC and FQDN Dynamic Address Objects
      • Blocking All Protocol Access to a Domain using FQDN DAOs
      • Using an Internal DNS Server for FQDN-based Access Rules
      • Controlling a Dynamic Host’s Network Access by MAC Address
      • Bandwidth Managing Access to an Entire Domain
• Services
  • About Default Service Objects and Groups
  • Predefined IP Protocols for Custom Service Objects
  • Adding Service Objects using Predefined Protocols
  • Adding Custom IP Type Services
    • Configuration Example
  • Editing Custom Service Objects
  • Deleting Custom Service Objects
  • Adding Custom Service Groups
  • Editing Custom Service Groups
  • Deleting Custom Service Groups
• URI Lists
  • About URIs and the URI List
  • About URI List Groups
  • About Keywords and the Keyword List
  • Matching URI List Objects
  • Using URI List Objects
  • Managing URI List Objects
    • About the URI List Objects Table
    • Configuring URI List Objects
    • Exporting a URI List Object
    • Editing a URI List Object
    • Deleting URI List Objects
  • Managing URI List Groups
    • About the URI List Groups Table
    • Adding URI List Groups
    • Editing a URI List Group
    • Deleting URI List Groups
• Match Objects
  • About Match Objects
    • About Regular Expressions
      • Regular Expression Syntax
    • About Negative Matching
  • About Application List Objects
    • About Application Filters
    • About Category Filters
  • Configuring a Match Object
  • Configuring Application List Objects
• Schedules
  • Adding a Custom Schedule
  • Modifying Schedules
  • Deleting Custom Schedules
• Dynamic Group
  • About the Dynamic External Address Group File
  • DEAG and DEAO Maximums
  • High Availability Requirements
  • Adding a Dynamic External Object
  • Editing Dynamic External Objects
  • Deleting Dynamic External Objects
• Email Addresses
  • Configuring Email Address Objects
• SonicWall Support
  • About This Document

Adding a Dynamic External Object

To add a Dynamic External Object

1. Navigate to Object > Match Objects > Dynamic Group page.

2. Click the Add button. The Add Dynamic External Object dialog displays.

   

3. Enter a unique, descriptive name for the dynamic external address group in the Name field. “DEAG_” is automatically prepended to the name when saved.
4. The Type field is set to Address Group, with no other options.
5. In the Zone Assignment drop-down list, select the zone for the Dynamic External Address Group.
6. Select the Enable Periodic Download option for ongoing, periodic downloads of the Dynamic Address Group File.

7. If Enable Periodic Download is enabled, select the number of minutes or hours between downloads in the Download interval field. You can select one of:

   • 5 minutes
   • 15 minutes
   • 1 hour
   • 24 hours
8. Select the type of protocol to use for downloading the DEAG file from the protocol drop-down list. The choices are FTP or HTTPS. The remaining fields in the dialog are different for FTP and HTTPS.

9. If you selected FTP as the protocol, specify the following:

   • Server IP Address – the IP address of the FTP server where the DEAG file resides

     See About the Dynamic External Address Group File for information about the DEAG file.

   • Login ID – the user name for logging into the FTP server
   • Password – the password for logging into the FTP server
   • Directory Path – the folder in which the DEAG file resides on the FTP server
   • File Name – the name of the DEAG file on the FTP server

10. If you selected HTTPS as the protocol, specify the following:

    • URL Name – the URL which has the list of IP addresses or FQDNs

      

      The URL Name should start with https:// and follow with the page name. This page contains the list of IP addresses or FQDNs.

11. Click Save.

Based on the configuration, the firewall reads the list of IP addresses or FQDNs from the file or URL. Then SonicOS automatically creates the following:

• Address group with the name provided in the Add Dynamic External Object dialog. This address group is read-only, meaning that you cannot edit or delete it.
• Address objects for every valid unique IP address or FQDN in the file. These address objects are also read-only.

The individual address objects are then added to the Dynamic External Address Group / Dynamic External Object. You can use this in access rules and policies.