I have setup MineMeld on a VM and it seems to be working correctly but, when I setup the EDBL on a PAN firewall and test it, I get a "URL access error" message on the firewall. I can access the feed if I put the URL into a browser and can see the list of addresses.
I get the same error whether using the IP or FQDN as the Source. I've even gone as far as configuring MineMeld with our 3rd-party wildcard certificate in case the self-signed certificate was causing the issue, but this hasn't helped.
Any advice would be appriciated.
Solved! Go to Solution.
Looks like the issue was caused by our Palo Alto Updates service route set to the external interface and the MineMeld URL being internally accessible only. Changed the serrvice route to default and then the EDBLSource was accessible.
I did try this at first but got an error when accessing the URL. Have just tested it again with entries for both the IP and FQDN but can only access the URL when the "Palo Alto Updates " service route is set to the internal.
Would have been nice to set a specific destination route and still have Palo Alto Updates going out via the external interface.
When changed service route to default instead of external interface internal IP EDBLSource was accessible but external resolving services didn't work like "dynamic update " . how to fix that
Thank you, the other way would be to deploy MineMeld in the DMZ so it is reachable from Untrust, but I'd rather not do so.
Is there any reason [security?] why our palo alto consultant configured the "Palo Alto Update Service" to use a specific external interface rather than "default" ?
Having an issue with EDL miner output. I am able to see the IPs associated for the output miner when I click on the URL in mindmeld. However if I copy and paste that URL I receive an unauthorized error message and when I click test URL on the firewall I get a URL error message. Any suggestions on correcting this issue.
the "problem" is that MineMeld on Autofocus by default authenticates accesses to the feeds. You should define credentials to access that feed and associate a tag to it.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!