Firewall configuration Addresses
FortiGate-400 Installation and Configuration Guide 181
3 Choose an address to delete and select Delete .
4 Select OK to delete the address.
Organizing addresses into address groups
You can organize related addresses into address groups to make it easier to add
policies. For example, if you add three addresses and then add them to an address
group, you only have to add one policy using the address group rather than a separate
policy for each address.
You can add address groups to any interface, VLAN subinterface, or zone. The
address group can only contain addresses from that interface, VLAN subinterface, or
zone. Address groups are available in interface, VLAN subinterface, or zone source or
destination address lists.
Address groups cannot have the same names as individual addresses. If an address
group is included in a policy, it cannot be deleted unless it is first removed from the
policy.
1 Go to Firewall > Address > Group.
2 Select the interface, VLAN subinterface, or zone to which to add the address group.
3 Enter a Group Name to identify the address group.
The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and
the special characters - and _. Other special characters and spaces are not allowed.
4 To add addresses to the address group, select an address from the Available
Addresses list and select the right arrow to add it to the Members list.
5 To remove addresses from the address group, select an address from the Members
list and select the left arrow to remove it from the group.
6 Select OK to add the address group.
Figure 8: Adding an internal address group
