IP Address/FQDN Object Parameters

The following table describes the configurable IPv4 address, IPv6 address, and FQDN (Fully Qualified Domain Name) object parameters.

Table 1. Address Object Parameters



Object name

Specify a name that describes the object. This name appears in the address list when defining security policies. The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.


Specify one of the following address types:

  • IPv4
  • IPv6
  • FQDN

For objects used in Bridge Mode and Software Switch deployments, you can configure both IPv4 and IPv6 addresses. Additionally, FQDNs can resolve to either IPv4 or IPv6 addresses.

For objects used in Routing Mode deployments, you can configure IPv4 addresses and FQDNs must resolve to IPv4 addresses.


IPv4 Address:

Specify the IP address or network using the following notation:

  • ip_address
  • ip_address_range
  • ip_address/bitmask

Example: or or

IPv6 address

Specify the IPv6 address or network using the following notation:

  • ipv6_address
  • ipv6_address_range
  • ipv6_address/bitmask (IPv6 CIDR)


2001:db8:123:1::1 or 2001:db8:123:1::1-2001:db8:123:1::10 or 2001:db8:123:1::/64


Specify an FQDN using the following notation:

  • [domain].[tld]
  • [hostname].[domain].[tld]

FQDN objects support usage of the wildcard character (*) for fuzzy match. Be aware to only use the wildcard at the beginning of an FQDN, rather than in the middle or at the end of an FQDN.


  • Exact FQDN: example.com, or host.example.com

  • Wildcard FQDN: *.com, *example.com, or *.example.com


Use the FQDN object type only when configuring policy rules to match source/destination connections.