n3s0 || journal

    Creating Policy Address Objects Using CLI For FortiGate

    Posted on 1 min

    Netadmin

    This will be a short post that goes through creating FortiGate policy address objects within FortiOS CLI. It’s useful to configure address objects in your firewall because it makes management of the rules a little simpler when defining policy.

    Create an address on the “lab” interface with the address 172.16.128.26.

    config firewall address
  edit "tl-log-01"
    set associated-interface "lab"
    set subnet 172.16.128.26/32
  next
end

    Create an address on the “lab” interface named “lab subnet” with the subnet of 172.16.128.0/24. This will match traffic to all of the traffic on this subnet passing through that interface and the rules assigned to it.

    config firewall address
  edit "lab subnet"
    set associated-interface "lab"
    set subnet 172.16.128.0/24
  next
end