- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
11-09-2015 02:17 AM
Hello.
I want to know my question what address and EBL maximum from you.
1.
The above documnet describes " Each imported list can contain up to 5,000 IP addresses (IPv4 and/or IPv6), IP ranges, or subnets."
How many can FW creat lists? What are Miximum?
2.
I checked the result of the following CLI output,
show system state filter cfg.general.max*
->cfg.general.max-blacklist : 25000
Is the above black list about URL Filtering?
I found a below discussiton
Right?
3.
This question is important.
PA-3020 can have miximum 5000 address.
"cfg.general.max-address: 5000"
I want to know whether this vaule inculde EBL list or exclude it.
And
PA can make security rules without address objects.
When FW can create to write IP on security rules, How many can I make IPs without address object?
What are maximum? Are this maximum included "max-address : 5000"?
Thanks,
KC Lee
11-11-2015 01:23 PM
Hi there...This is extracted from the 7.0 admin guide. You can have 10 DBL lists.
2) Yes, the maximum number of entries (in your case 25,000) is for the entire device, and is shared across the allow list, block list, and custom URL categories.
3) The DBL is separate from the max address.
Thanks.
11-11-2015 01:23 PM
Hi there...This is extracted from the 7.0 admin guide. You can have 10 DBL lists.
2) Yes, the maximum number of entries (in your case 25,000) is for the entire device, and is shared across the allow list, block list, and custom URL categories.
3) The DBL is separate from the max address.
Thanks.
11-11-2015 05:12 PM
Hi,
Thanks for your anwer.
May I ask you question more further?
About No.3 question I asked.
I heard from someone what one DBL list place in one of all address object.
You meaned one DBL list does not equal one address object. Right?
And a new question.
Please look at the following document.
This doc describes " Each imported list can contain up to 5,000 IP addresses (IPv4 and/or IPv6), IP ranges, or subnets."
But It is different between the above sentence and a result I tested.
PA-200 can have 2200 lines of one DBL list [2500(max addresses) - 300(system register IPs)]
PA-3020 can have 4700 lines of one DBL list [5000(max addresses) - 300(system register IPs)]
What is the truth between all platform can have 5,000 or each models can have each other mas address without 300?
I hope let me know it.
Thanks.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!