This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

External Dynamic List error

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

External Dynamic List error

Laurent_Dormond
L3 Networker

‎03-15-2022 02:08 AM

Hello,

 

I have configured External Dynamic Lists by using Minemeld a few month ago. It was workinf fine.

 

The lists are available (tried from a web Browser)

 

I noticed that I have following system logs for a few weeks :

 

Unable to fetch external dynamic list. Failure when receiving data from the peer. Using old copy for refresh.

 

We are running PanOS 10.0.7.

 

How can I troubleshoot this problem ?

 

Regards,

 

Laurent

 

0 Likes Likes
3 REPLIES 3

Mudhireddy
L3 Networker

‎03-15-2022 02:34 AM - edited ‎03-15-2022 02:45 AM

Can you try to test Minemeld URL from WebUI of the firewall? 

Mudhireddy_0-1647336774923.png

 

you can also try from CLI command >request system external-list stats IP name "<<name of EDL>>."

If the test fails, you have to troubleshoot the route reachability from the firewall.

 

Resolution: Traffic from this source either needs to be allowed via a security policy, or the service route needs to be changed to "Use default." If the latter solution is implemented, this traffic will not appear in the traffic logs (management plane traffic is not logged.)

 

find the URL https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008UH2CAM&lang=en_US%E2%80%A...

 

Best Regards,
Suresh
0 Likes Likes

Laurent_Dormond
L3 Networker
In response to Mudhireddy

‎03-16-2022 12:36 AM

Hello,

 

Thanks for your help.

 

When I test the EDL from the WebUI by clicking Test Source URL I got "Source URL is accessible."

 

When using CLI : "Server error : entry not found"

When I use "show" CLI command :

 

> request system external-list show type ip name EDL-Test_IP

EDL-Test_IP
EDL is either not referenced in policy, not downloaded, or empty

Total valid entries : 1
Total ignored entries : 0
Total invalid entries : 0
Total displayed entries : 1
Valid ips:
0.0.0.0/32

 

However the EDL is used by a policy.

 

Minemeld server hosting the lists is directly reachable from the mgmt interface of the FW device.

 

 

0 Likes Likes

echahine
L2 Linker

‎04-11-2022 02:23 AM

Hi, were you able to fix the issue? 

0 Likes Likes
  • 3508 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks