Addresses; Adding Addresses - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual

Firewall configuration

Addresses

Adding addresses

FortiGate-800 Installation and Configuration Guide
All policies require source and destination addresses. To add addresses to a policy,
you must first add addresses to the address list for the interfaces, zones, or VLAN
subinterfaces of the policy.
You can add, edit, and delete all firewall addresses as required. You can also organize
related addresses into address groups to simplify policy creation.
A firewall address consists of an IP address and a netmask. This information can
represent:
• The address of a subnet (for example, for a class C subnet,
IP address: 192.168.20.0 and Netmask: 255.255.255.0).
• A single IP address (for example, IP Address: 192.168.20.1 and
Netmask: 255.255.255.255)
• All possible IP addresses (represented by IP Address: 0.0.0.0 and Netmask:
0.0.0.0)
Note: IP address: 0.0.0.0 and Netmask: 255.255.255.255 is not a valid firewall address.
This section describes:
• Adding addresses
• Editing addresses
• Deleting addresses
• Organizing addresses into address groups
To add an address
1 Go to Firewall > Address.
2 Select the interface, VLAN subinterface, or zone that you want to add the address to.
3 Select New to add a new address.
4 Enter an Address Name to identify the address.
The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and
the special characters - and _. Spaces and other special characters are not allowed.
5 Enter the IP Address.
The IP address can be:
• The IP address of a single computer (for example, 192.45.46.45).
• The IP address of a subnetwork (for example, 192.168.1.0 for a class C subnet).
• 0.0.0.0 to represent all possible IP addresses
Addresses
197