This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
EBL can be seen by PA3020 in GUI, but cannot be read in CLI
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- EBL can be seen by PA3020 in GUI, but cannot be read in CLI
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
EBL can be seen by PA3020 in GUI, but cannot be read in CLI
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-14-2014 02:49 PM
I have a pair of 3020s (configured for Active-Passive availability) and I'm trying to build an External Block List. I followed the documentation at Working with External Block List (EBL) Formats and Limitations. My EBL text file looks like this:
nnn.nnn.nnn.nnn 20140514 144338
where nnn is the octet of an IP address. There are several lines like that. None contain any of the special characters mentioned in the documentation.
When I go into the Dynamic Block List area of the GUI, and click the Test Source URL button, I get a pop-up message saying that the "Source URL is accessible". However, when I run an Import job to load the file, and use the CLI to check the output of the job, it show:
| Enqueued | ID | Type | Status Result Completed |
--------------------------------------------------------------------------
| 2014/05/14 15:40:15 | 1792 | EBLRefresh | FIN FAIL 15:41:10 |
Warnings:
Details:EBL(vsys1/Web Server Attackers) Unable to fetch external list. Using old copy for refresh.
EBL(vsys1/Web Server Attackers) EBLRefresh job failed. No valid IPs found in list
I have tried added "/32" subnet masks after the IP addresses, and that makes no difference.
Hopefully I'm not missing something obvious. Any suggestions?
Labels:
- Labels:
-
Configuration
-
Set Up
-
Troubleshooting
5 REPLIES 5
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
12-26-2014 06:39 AM
If you are using the management interface for this connection, you can also do a tcpdump there to see what's going on.
> tcpdump snaplen 65533 filter "xxxxxxxxxx"
Related Content
- PA3020 EoL vs PanOS 9.1 EoL in Next-Generation Firewall Discussions
- AIOps - Cannot Change Predefined Location Alerts in AIOps for NGFW Discussions
- How to solve Timeout error in market place in Cortex XSOAR Discussions
- Aiops Message - Device Security in AIOps for NGFW Discussions
- Dynamic address objects not showing in Panorama in Panorama Discussions
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks