External Palo Alto Dynamic List

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

External Palo Alto Dynamic List

L1 Bithead

Hi Team 

 

 

Have a PA220   licensed for Wild fire, Threat prevention, and PANDB URL filtering .

 

Though I had configured the External Dynamic List based on the best practice, I could not get the default  PaloAlto Dynamic IP lists feed : Palo Alto Networks - High-risk IP addresses and the Known malicious IP addresses  showing up 

 

 

Could someone please guide me on how to configure the prefined Palo Alto  list  ?

 

Thanks

RK

 

 

2 accepted solutions

Accepted Solutions

The default list is not appearing because the PA is not having the Antivirus  installed . To get this please run the following command using the CLI.

 

"request url-filtering download status vendor paloaltonetworks "

 

Go to Devices\Dynamic Updates and do " check now "

 

The PA will download the Antivirus  -install the same 

 

Viola --- the default Dynamic IP list appears under Objects/External Dynamic List ...  🙂

 

Regards

 

Rk

View solution in original post

L2 Linker

I found this article where it specifies that for the Dynamic Lists to appear you must install the antivirus.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PM0pCAG

View solution in original post

10 REPLIES 10

L3 Networker

Palo Alto Networks - High risk IP addresses and

Palo Alto Networks - Known malicious IP addresses

are selectable as source address or destination address in your security rules without any other prior configuration.

You can view them as Predefined in Objects > External Dynamic Lists if you wish

 

Hope that helps

 

Kind regards

Thanks for the reply.

 

Those two lists are not showing up under Dynamic list. I  too thought that after syncing with the license and other updates, I should be able to see those default list under External Dynamic list but it is not.

 

Is it possible to create them manually?

 

Regards

 

RK

 

 

@RanjithDass,

I'm going to guess that you are not running 8.0.* at all? 

Thanks Bpry for the reply .

 

 It is a  brand new PA220  and running on  8.0.6.

 

Regards

 

RK

@RanjithDass,

Well that is really weird, as it should have them included without you having to manually create them. That being said, if you do the following you should be able to create them manually.  

 

1) Create a new External Dynamic Lists entry and under Type, switch it to Predefined IP List. 

2) Under Source you'll have two options High risk IP addresses, and Known malicious IP addresses. 

Capture.PNG

 

 Thanks again --I know  😞

 

My license License partLicense part

 

I can create new EDL list but the default ones are not showing up 

 

the drop down options not showing upthe drop down options not showing up

Not sure why the default ones were not showing up 

 

Regards

 

Rk

@RanjithDass,

I would contact TAC or reinstall the OS at this point. These lists should be populating perfectly fine. 

Thanks again for the reply . 

There should be some steps on how to add it since i have tried  a factory reset and built it  from the scratch so definitely, a setup  issue somewhere 

 

Regards

 

Rk

The default list is not appearing because the PA is not having the Antivirus  installed . To get this please run the following command using the CLI.

 

"request url-filtering download status vendor paloaltonetworks "

 

Go to Devices\Dynamic Updates and do " check now "

 

The PA will download the Antivirus  -install the same 

 

Viola --- the default Dynamic IP list appears under Objects/External Dynamic List ...  🙂

 

Regards

 

Rk

L2 Linker

I found this article where it specifies that for the Dynamic Lists to appear you must install the antivirus.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PM0pCAG

  • 2 accepted solutions
  • 8710 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!