Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating Addresses and Address Groups

    Use the Addresses page to create addresses that can be used across all devices managed by Security Director. Addresses are used in firewall, NAT, IPS, and VPN services and apply to corresponding SRX Series devices.

    Once you create an address, you can combine it with other addresses to form an address group. Address groups are useful when you want to apply the same policy to multiple devices.

    Before You Begin

    • Read the topic.
    • Decide on the type of address object to define: Host, Range, Network, Wildcard, or DNS Host.
    • Review the addresses main page for an understanding of your current data set. See Addresses Main Page Fields for field descriptions.

    Configuring Addresses and Address Groups


    To create an address object:

    1. Select Configure > Shared Objects > Addresses.
    2. Click Create.
    3. Complete the configuration according to the guidelines provided in Tables 1 through 2.
    4. Click OK.

    A new address or address group with your configurations is created. You can use this object in policies. You can also assign it to a domain; see Assigning Policies and Profiles to Domains.

    Table 1: Fields on the Create Addresses Page

    Setting

    Guideline

    Object Type

    Select Address or Address Group. If you select Address Group, then the screen changes so you can select the addresses you want to include in your address group. Table 2 describes address group configuration parameters.

    Name

    Enter a unique name for the address. It must begin with an alphanumeric character and cannot exceed 63 characters. Dashes and underscores are allowed.

    Description

    Enter a description for your address; maximum length is 1,024 characters. You should make this description as useful as possible for all administrators.

      

    Type

    Select a type of address and fill in the corresponding fields. Available types are:

    • Host
      • Host IP—Enter the IPv4 or IPv6 host IP address. For example: 1.2.3.4 or 0:0:0:0:0:FFFF:0102:0304. If you do not know the IP address, you can enter the hostname and click Look up hostname.
      • Hostname—Enter the hostname. It must begin with an alphanumeric character and cannot exceed 63 characters. Dashes and underscores are allowed. If you do not know the host name, you can enter the IP address and click Look up IP address. For example, enter www.company.com and click Look up IP address. Hostname lookup is supported for IPv4 and IPv6 addresses.
    • Range
      • Start Address—Enter a starting IPv4 or IPv6 address for the address range. For example: 10.0.0.0 or 0:0:0:0:0:FFFF:A00:0.
      • End Address—Enter an ending IPv4 or IPv6 address for the address range. The range is validated once you enter the address.

      Note: An address range is configured on managed device(s) as address-set with one or more network address objects covering the specified address range.

    • Network
      • Network—Enter the network IP address. For example: 10.0.0.0. IPv6 is also supported. For example: 4001:334:244:2255:24a2:244::
      • Subnet Mask—Enter the subnet mask for the network range. For example, IPv4 netmask: 10.0.0.0/24. The subnet mask is validated as you enter it. You should enter the correct subnet mask in accordance with the network value. For example, IPv6 netmask: 4001:334:244:2255:24a2:244:: / 126.
    • Wildcard
      • Network—Enter the network IPv4 or IPv6 address. For example: 1.2.3.4 or 2001:4860:800f::68
      • Wildcard Mask—Enter the wildcard mask for the network range. For example: 0.0.0.255.
    • DNS Host
      • DNS Name—Enter the DNS name. For example: company.com. Only alphanumeric characters, dashes, and periods are accepted. This name cannot exceed 69 characters and must end with an alphanumeric character.

    Table 2: Address Group Settings

    Setting

    Guideline

    Object Type

    Select Address Group. When you select Address Group, then the screen changes so you can select the addresses you want to include in your address group.

    Name

    Enter a unique name for the address group. It must begin with an alphanumeric character and cannot exceed 63 characters. Dashes and underscores are allowed.

    Description

    Enter a description for your address group. You should make this description as useful as possible for all administrators.

    Addresses

    Select the check box beside each address you want to include in the address group. Click the arrow to move the selected address or addresses from the Available column to the Selected column. Note that you can use the fields at the top of each column to search for addresses.

    Modified: 2016-12-06