This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
External Dynamic Lists not working
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- Re: External Dynamic Lists not working
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
External Dynamic Lists not working
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-17-2016 08:46 AM
Hi all,
I have configured EDL of type Dynamic URL Lists with the next configuration
Then in URL filtering profile the ransomwaretracker_URL category is configured as BLOCK and the Profile is applied in the Security rule.
It seems configured correctly, I can list the EDL in CLI, but if I try to go to listed URL, it does not blocked.
PAN is working with 7.1.2 version.
Thanks,
Jordi
16 REPLIES 16
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-18-2016 08:10 AM
The list is opened when the command is executed.
impala@FW_VM401(active)> request system external-list show type url name ransomwaretracker_URL
vsys1/ransomwaretracker_URL:
Next update at : Tue Oct 18 18:00:29 2016
Source : ransomwaretracker.abuse.ch/downloads/RW_URLBL.txt
Referenced : Yes
Valid : Yes
Total valid entries : 4992
Total invalid entries : 8
Valid urls:
http://01ad681.netsolhost.com/7j0jlq3
http://027tzx.com/lscpv
http://0793mobile.com/jetg2
http://108.174.196.88/8dpg3
http://109.73.234.241/dgq01p
http://11011020.web.fc2.com/ets19pre
http://111.86.142.67/~h_fujii/95hdienf
http://121.83.206.211/~ftp-yama/9z6nu
http://125ru.web.fc2.com/09u9jn87
http://12hourenergy.com.au/ty6yhd
http://151.ru/4GBrdf6
http://158.195.68.10/87hcrn33g
http://158.195.68.10/g76gyui
http://158.195.68.10/porirue
http://158.199.158.185/e2ti07
http://178.78.87.8/spyra2
http://178.78.87.8/xjzhm
http://18901350711.com/ll0wdsu
http://18vek.spb.ru/HJghjt872?FqRolfwcFC=ubcMhkMNCX
http://18vek.spb.ru/p3isx
http://194.28.172.166/~triera/95osasmx
http://198.1.95.93/~deveconomytravel/cache/binstr.php
http://1express.com.sg/cpmr1pt
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-18-2016 08:29 AM
@COMIP Do you know if your URL Filtering is working at all?
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-18-2016 08:45 AM
Yes, URL Filtering is working.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-18-2016 08:55 AM
@COMIP If URL is working and you have the rules setup for both incoming and outgoing traffic then I think the next step would be a TAC case. I would question how your rules are setup however, as you are going to need both one incoming and one outgoing if you are trying to test it by going to those websites.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-19-2016 02:26 AM
Yes the profiles are applied in both directions.
Thanks for your answers, I'm going to open a case.
Related Content
- I need answer for this question . in Next-Generation Firewall Discussions
- Global protect VPN disconnecting multiple times in GlobalProtect Discussions
- How to get/send DNS logs to on-prem SIEM -- DNS Proxy + DNS Security in General Topics
- Cortex XDR Blockage activity in Cortex XDR Discussions
- Enforcing Global Protect only on remote sessions in General Topics
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks