-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
How can I create Address objects and groups in command line interface (CLI) for 5.8 and below?
12/20/2019 
75 People found this article helpful
492,640 Views
Description
NOTE:This article applies to firmware version prior to SonicOS 5.8.2.0
This article illustrates how to create address objects and address groups using the Command Line Interface (CLI) of the SonicWall
Address Objects
- Creating Address Object of type Network
- Creating Address Object of type Range
- Creating Address Object of type Host
- Editing Address Objects
- Deleting Address Objects
- Displaying Address Objects
Address Groups
- Creating Address Groups
- Adding Address Objects to a group
- Adding Address Groups to a group
- Editing Address Groups
- Deleting an Address Group
Creating Address Objects in bulk
Procedure:
Login to the SonicWall CLI using either SSH or Serial connection. For more information on how to login to the CLI, please refer KB ID 170505641032025
Enter the administrator username and password.
You will be presented with the root prompt of the CLI.
Enter "configure" <enter> to enter the device configuration mode.
Address Objects
- All commands should be in lowercase.
- Names of objects are case sensitive
- An object name containing spaces should be enclosed by double quotes (eg "Lab Network ")
- All address objects are by default in the LAN zone.
- If no zone is selected, the address object would be created in zone LAN.
- Address Objects of Type FQDN and MAC Address are not currently supported.
The following commands are available in the address-object prompt:
Creating Address Object of type Network
address-object <name for address object> <Enter>network 192.168.100.0 255.255.255.0 <Enter>zone LAN <Enter>exit <Enter>
Creating Address Object of type Range address-object <name for address object> <Enter>
range 192.168.168.100 192.168.168.200 <Enter>
zone DMZ <Enter>
exit <Enter>
Creating Address Object of type Host
address-object <name for address object> <Enter>
host 192.168.168.112 <Enter>
zone DMZ <Enter>
exit <Enter>
For 6.2.7.1 firmware typeconfig()# address-object ipv4 test host 1.1.1.1 zone LAN
For 5.9.1.8 firmware type
config(0017C55C9E22)# address-object ipv4 test1
(add-ipv4-address-object[test1])# host 1.1.1.1
(add-ipv4-address-object[test1])# zone WAN
Editing Address Objects
address-object <name of a previously created address object> <Enter>
zone LAN <Enter>
exit <Enter>
Deleting Address Objects
no address-object <name of a previously created address object> <Enter> exit <Enter>
Displaying Address Objects
show address-object <name of a previously created address object> <Enter> show address-object <Enter> 
Creating Address Groups
address-group <name for the address group> <Enter>
The following commands are available in the address-group prompt
Adding Address Objects to a group
address-group <name for the address group> <Enter> address-object <name of a previously created address object> <Enter> exit <Enter>
Adding Address Groups to a group
address-group <name of a previously created address group > <Enter> address-group <name of a previously created address group> <Enter> exit <Enter>
Editing Address Groups address-group <name of a previously created address group > <Enter> no address-object <name of a previously created address object> <Enter> no address-group <name of a previously created address group> <Enter> exit <Enter>
Deleting an Address Group no address-group <name of a previously created address group > <Enter> exit <Enter>
Creating Address Objects in bulk
In scenarios where large number of address objects are required to be created, SonicWall CLI has no direct method of creating such large number of address objects. However, if the objects to be created are less than hundred, the workaround would be to use the SonicWall GUI. In NSA firmwares, the Add Address Object window does not auto-close after creating an object. This speeds-up creation of the next object where only the name and IP address has to be changed.
If the objects to be created number in the hundreds or thousands, a better method would be to Copy and Paste the commands from a text file. The text file contents would be similar to this
address-object test1
host 19.168.168.1
zone DMZ
exit
address-object test2
host 19.168.168.2
zone DMZ
exit
address-object test3
host 19.168.168.3
zone DMZ
exit
address-object test4
host 19.168.168.4
zone DMZ
exit
address-object test5
host 19.168.168.5
zone DMZ
exit
address-object test6
host 19.168.168.6
zone DMZ
exit
address-object test7
host 19.168.168.7
zone DMZ
exit
address-object test8
host 19.168.168.8
zone DMZ
exit
address-object test9
host 19.168.168.9
zone DMZ
exit
address-object test10
host 19.168.168.10
zone DMZ
exit
To create a script as above for hundreds of address objects, use a similar script as the following: @Echo Off
Set Count=1:LOOPecho address-object Host-%count%echo host 10.10.10.%count%echo zone LANecho exitSet /A Count=%Count%+1If %Count% lss 100 GoTo :LOOPSet Count=exit
Save the above script as a batch file (. bat) and run it with a redirection to a file. For example: Address.bat>file.txt
The above command will create a file called file.txt with the following output:
address-object Host-1host 10.10.10.1zone LANexitaddress-object Host-2host 10.10.10.2zone LANexitaddress-object Host-3host 10.10.10.3zone LANexit
....................upto 10.10.10.100
Copy the contents of file.txt
Login to the CLI and navigate to the Config prompt.
Paste the contents of file.txt.
Related Articles
- How to block Hotspot Shield proxy/VPN using Advanced Application Control
- How to configure numbered VPN tunnel
- Cysurance Partner FAQ
YES
NO