Resolve IP address from FQDN for firewall address type subnet
In FortiManager, you can resolve the IP address from the FQDN for "subnet" type firewall addresses.
To resolve IP/Netmask from the FQDN in IPv4 address objects:
- Go to Policy & Objects > Object Configurations > Firewall Objects > Addresses.
- Create or edit a firewall address object.
- In the Address Name field, enter the FQDN. For example,
www.google.com
. - In the Type field, leave the address as Subnet.
- In the IP/Netmask field, click Resolve from name.
The field is auto-filled with the first IP retrieved from the DNS query. - The saved address can be used in a policy.
- If FortiManager cannot resolve the host name/FQDN, the GUI will report the following error:
Name or service not known
.
To resolve IP/Netmask from the FQDN in IPv6 address objects:
- Go to Policy & Objects > Object Configurations > Firewall Objects > Addresses.
- Create or edit a firewall address object.
- In the Address Name field, enter the FQDN. For example,
www.google.com
. - In the Type field, leave the address as IPv6 Subnet.
- In the IP/Netmask field, click Resolve from name.
The field is auto-filled with the first IP retrieved from the DNS query. - The saved address can be used in a policy.