Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiGate CNF Administration Guide

    Addresses

    Addresses

    Define address objects for re-use in multiple policies.

    Go to Configuration > Addresses to view the list of configured address objects.

    You can create the following objects from this page:

    Note

    FortiGate CNF comes with several address objects pre-configured. The pre-configured objects are not editable but can be cloned into new objects.

    Note

    FortiGate CNF only supports IPv4 addresses. IPv6 addresses are not supported.

    Address objects

    Address objects have the following options:

    Item Description
    Name The unique name of the object.

    Type

    Select the address type:

    • Dynamic: Select available cloud resources.

    • Geography: Select countries.

    • FQDN: Enter a fully-qualified domain name.

    • IP Range: Enter an IP adresses range.

    • Subnet: Specify an IP address subnet.

    Dynamic options

    Cloud Platform

    Select AWS or Azure.

    AWS/Azure Account ID

    Select the account ID.

    AWS Region

    Select the region.

    This option is only available if Cloud Platform is AWS.

    SDN Address Type

    Select the software defined network address type:

    • Private

    • Public

    • All

    Filter

    Enter one or more filters as selection criteria.

    The available filters vary based on the resources in the selected cloud platform, account, and region, as well as other factors such as the FortiOS version. The following lists of filters are provided as an example of available filters.

    For AWS, this includes:

    • EC2 instance characteristics, including:

      • Architecture

      • Availability zone

      • Image ID

      • Instance ID

      • Instance type

      • Private DNS name

      • Public DNS name

    • Subnet

    • Security group

    • VPC

    • Endpoint ID

    • Endpoint service name

    • Tags

    For AWS addresses, most filters are only available if there are active EC2 instances deployed in the VPC.

    For Azure, this may include:

    • VM

    • Size

    • Location

    • Security group

    • Vnet

    • Subnet

    • Subscription

    • Load balancer

    • Application gateway

    • Tag

    For Azure addresses, most filters are only available if there are active instances deployed.

    For both AWS and Azure, Kubernetes-related filters are available if Kubernetes resources are deployed in the selected account and region.

    Geography options

    Country/Region

    Select the country or countries.

    FQDN options

    FQDN

    Enter a fully-qualified domain name.

    IP Range options

    IP Range

    Enter the IPv4 range (in format x.x.x.x-x.x.x.x).

    Subnet options

    IP/Netmask

    Enter the IPv4 subnet and netmask (in format x.x.x.x/xx).

    Address groups

    Address groups collect address objects into a group for reuse. They have the following options:

    Item Description
    Name The unique name of the object.

    Cloud Platform

    Select AWS or Azure or ALL.

    Members

    Select the addresses to include in this group.
    Previous
    Next

    Addresses

    Addresses

    Define address objects for re-use in multiple policies.

    Go to Configuration > Addresses to view the list of configured address objects.

    You can create the following objects from this page:

    Note

    FortiGate CNF comes with several address objects pre-configured. The pre-configured objects are not editable but can be cloned into new objects.

    Note

    FortiGate CNF only supports IPv4 addresses. IPv6 addresses are not supported.

    Address objects

    Address objects have the following options:

    Item Description
    Name The unique name of the object.

    Type

    Select the address type:

    • Dynamic: Select available cloud resources.

    • Geography: Select countries.

    • FQDN: Enter a fully-qualified domain name.

    • IP Range: Enter an IP adresses range.

    • Subnet: Specify an IP address subnet.

    Dynamic options

    Cloud Platform

    Select AWS or Azure.

    AWS/Azure Account ID

    Select the account ID.

    AWS Region

    Select the region.

    This option is only available if Cloud Platform is AWS.

    SDN Address Type

    Select the software defined network address type:

    • Private

    • Public

    • All

    Filter

    Enter one or more filters as selection criteria.

    The available filters vary based on the resources in the selected cloud platform, account, and region, as well as other factors such as the FortiOS version. The following lists of filters are provided as an example of available filters.

    For AWS, this includes:

    • EC2 instance characteristics, including:

      • Architecture

      • Availability zone

      • Image ID

      • Instance ID

      • Instance type

      • Private DNS name

      • Public DNS name

    • Subnet

    • Security group

    • VPC

    • Endpoint ID

    • Endpoint service name

    • Tags

    For AWS addresses, most filters are only available if there are active EC2 instances deployed in the VPC.

    For Azure, this may include:

    • VM

    • Size

    • Location

    • Security group

    • Vnet

    • Subnet

    • Subscription

    • Load balancer

    • Application gateway

    • Tag

    For Azure addresses, most filters are only available if there are active instances deployed.

    For both AWS and Azure, Kubernetes-related filters are available if Kubernetes resources are deployed in the selected account and region.

    Geography options

    Country/Region

    Select the country or countries.

    FQDN options

    FQDN

    Enter a fully-qualified domain name.

    IP Range options

    IP Range

    Enter the IPv4 range (in format x.x.x.x-x.x.x.x).

    Subnet options

    IP/Netmask

    Enter the IPv4 subnet and netmask (in format x.x.x.x/xx).

    Address groups

    Address groups collect address objects into a group for reuse. They have the following options:

    Item Description
    Name The unique name of the object.

    Cloud Platform

    Select AWS or Azure or ALL.

    Members

    Select the addresses to include in this group.
    Previous
    Next