05-10-2020 02:17 AM
Hi community,
I am encountering decrypt-err with the Anydesk application after deploying SSL Decryption. In order to fix that, I am going to create a list of the public IPv4 addresses that Anydesk uses, to exclude them from decryption. Currently I have collected an IPv4 list and want to create an EDL so I can simply add them to the exclusion list. I have created and am using a Minemeld EDL for Office365, but it is a dynamic list.
Could anyone please guide me how to create a custom EDL IPv4 list from a text file please?
05-10-2020 03:19 AM
@tienngo ,
You can configure an IIS-based webpage on any Windows server and add the list of IPv4 addresses to it. Once your webpage is ready, you can call it under the IP type of EDL under Palo Alto to fetch that list of addresses.
Make sure there is communication between the firewall and the Windows server IP.
You can refer to the post below, which talks about the same use case.
Hope it helps!
Mayur
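Before the text file goes onto the web server, it is worth validating it, since one stray entry such as 0.0.0.0/0 in a decryption exclusion list would exempt all traffic from inspection. The following is an added example, not part of the thread or of any Palo Alto tooling: it assumes the EDL is served as one IPv4 address or CIDR subnet per line, the /16 limit is an assumed local policy, and the sample addresses are constructed placeholders, not real Anydesk addresses.

```python
import ipaddress

MIN_PREFIX = 16  # assumed local policy: refuse anything broader than a /16

# Constructed sample input; these are placeholders, not Anydesk addresses.
SAMPLE = """\
# collected addresses
8.8.8.8
8.8.8.8
8.8.4.0/24
8.8.4.4
10.1.2.3
0.0.0.0/0
1.1.1.300
1.1.1.1/24
"""

def build_edl(lines, min_prefix=MIN_PREFIX):
    """Return (entries, rejected) for raw lines of IPv4 addresses or CIDRs."""
    nets, rejected = [], []
    for lineno, raw in enumerate(lines, 1):
        text = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not text:
            continue
        try:
            # strict=True rejects CIDRs with host bits set (e.g. 1.1.1.1/24)
            net = ipaddress.IPv4Network(text, strict=True)
        except ValueError as exc:
            rejected.append((lineno, text, str(exc)))
            continue
        if net.prefixlen < min_prefix:
            rejected.append((lineno, text, "prefix too broad"))
        elif not (net.network_address.is_global
                  and net.broadcast_address.is_global):
            # first and last address of the entry must both be public
            rejected.append((lineno, text, "not a public address"))
        else:
            nets.append(net)
    # collapse_addresses sorts, de-duplicates and merges contained entries
    merged = ipaddress.collapse_addresses(nets)
    entries = [str(n.network_address) if n.prefixlen == 32 else str(n)
               for n in merged]
    return entries, rejected

if __name__ == "__main__":
    entries, rejected = build_edl(SAMPLE.splitlines())
    print("\n".join(entries))            # content to publish as the EDL file
    for lineno, text, reason in rejected:
        print(f"rejected line {lineno}: {text!r} ({reason})")
```

Review the rejected lines by hand rather than discarding them silently; a typo in a collected address means a server that will keep hitting decrypt-err.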
05-11-2020 01:13 AM
Hi Sutare,
Thank you for your recommendation. I have deployed an IIS server and can access the URL from the LAN and see the IP list content.
But when I export the certificate on the IIS I have a .pfx file, and I cannot import the certificate to the PA. Could you please share your experience configuring the certificate between IIS and the PA?
05-11-2020 04:04 AM
If your webpage is ready on port 443 and you are able to access it from the LAN, then on the PA you need to import the certificate and add it under a certificate profile. Then you need to map this certificate profile under the EDL. Once this is done, you can just test connectivity using the 'Test Source URL' option.
Hope it helps!
Mayur
05-11-2020 04:37 AM
Hi @SutareMayur
I know the procedure with the certification since I am using Minemeld for EDL. The issue I am encountering is that when I generate a self CA in IIS, export it to a .pfx and then import the file to the PA, it fails.
How can I import the pfx file generated by IIS to the PA? I tried to generate a self CA on the PA and then import it to IIS but got the same result.