06-27-2018 09:52 PM - edited 06-27-2018 09:59 PM
Hello
I am using the Palo Alto Next Generation Firewall PA-3020 / PAN OS 7.02.
I use EBL to block IP.
After testing, it will take a long time for IP registered in the text file to be applied to the firewall.
Of course, i set "repeat" to 5 minutes in the EBL setting.
Also i checked that "repeat" was set to 5 minutes in the CLI.
However, when i check the EBL using the "request system external-list show" command in CLI, "Next Update Time" is displayed after 1 hour.
Is it possible for the firewall to block the IP as soon as it is entered in the text file?
please answer about my question.
Thank you!
06-28-2018 07:56 AM
It doesn't sound like the repeat frequency is actually taking effect. You can request a refresh manually by running 'request system external-list refresh'. You'll have to do the good old '?' after that statement to see what your options are, with 7.0 you wouldn't have to specify a type like those running higher versions and I don't have access to that old of a system to verify what the syntax is for you.
There were a few instances within 7.0 that had the firewall incorrectly inititating refresh jobs outside of what the refresh frequency was set, however it was specific to happening sooner than specified if memory serves correctly. Either way you really should update that thing, 7.0 is already EoL and there are quite a few security related fixes that you are missing that are present in later 7.0.* updates. If you are stuck on 7.0 for some reason at least update that thing to 7.0.19
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
