I have a simple ask to pull a list of IPs from an external txt file into a PAN. I can reach the URL and its simply a text file with CIDRs separated by lines. However, when looking at the list entries and exceptions its blank. I seem to have the same problem with a domain list as well. Has anyone done this before and can point me in the right direction?
The formatting is like below:
PAN actually publishes documentation on how you should be formatting EDLs so that the firewall can read it properly. I'd also recommend looking into MineMeld.
That usually points towards one of two issues:
1. The EDL isn't actually configured correctly and you aren't using the proper type so it's not showing where you expect it to.
2. The GUI is bugged out and it's just not filling the autocomplete. This can usually be resolved by clearing the cache, and potentially restarting management. You can also try just manually specifying the entry in the XML or CLI and see if the configuration validates properly. Sometimes that's all you need to do to kinda "force" it.
I figured it out by trial and error.
So an EDL for DOMAINS can only be attached to an anti-spyware profile and after you do that it will populate the list of domains on the EDL itself. Until you do that it will complain about it not being referenced by a policy but you don't reference in a policy per se, its attached to anti-spyware profile on a policy.
PAN documentation is so convoluted that it took me a couple days to figure out the difference between an EDL for IPs for DOMAINS and how to implement them correctly.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!