This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to create IPv4 list from a text file

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to create IPv4 list from a text file

Go to solution
tienngo
L2 Linker

‎05-10-2020 02:17 AM

Hi community,

 

I am encountering decrypt-err with Anydesk application after deploying SSL Decryption. In order to fix that, I am going to create a list of Public IPv4 that Anydesk use to excludes them from the decryption. Currently I collected an IPv4 list and want to create an EDL so I can simply add them to exclusion list. I have created and using Minemeld EDL for Office365 but it is dynamic list. 

 

Could anyone please guide me how to create a custom EDL IPv4 list from a text file please?

0 Likes Likes
9 REPLIES 9

Go to solution
SutareMayur
Cyber Elite
Cyber Elite
In response to tienngo

‎05-11-2020 05:49 AM

@tienngo,

 

Can you please give details on error that you are getting? if possible, please attach error snap. In my environment, I've generated self-signed certificate on PA and it is imported on windows server. Everything was smooth.

 

Mayur

Mayur
0 Likes Likes

Go to solution
tienngo
L2 Linker
In response to SutareMayur

‎05-11-2020 08:00 AM - edited ‎05-11-2020 08:05 AM

Hi @SutareMayur 

 

I tried to generate self CA on PA as the following

2020-05-11_21-34-32.png

 

Then I exported the generated self CA to a PEM file with a security key. Please note that since the ISS can only read the .pfx file and the PA can export CA in the file type PEM, DER, PKCS12 so I don't know which file type I should generate.

2020-05-11_21-39-36.png

 

I imported the generated self CA to the ISS using import button in Server Certificate

2020-05-11_21-50-19.png

 

Enter the password I have set at the export self CA step then I got the error

2020-05-11_21-52-09.png

 

Could you please show me where I was wrong and share me how did you do it?

 

Thank you

0 Likes Likes

Go to solution
SutareMayur
Cyber Elite
Cyber Elite
In response to tienngo

‎05-11-2020 11:05 AM

@tienngo,

 

First of all, while generating certificate Common Name (CN) should be either IP address of server where your web page is configured or the FQDN you will be used for accessing webpage. Whatever you will put here that will appear on the certificate.

 

Once certificate is generated, export is as below file and put passphrase. Once exported, import file with same passphrase on your server. This should work for you.

 

SutareMayur_0-1589220080588.png

 

Hope it helps!

Mayur

 

Mayur

Go to solution
tienngo
L2 Linker
In response to SutareMayur

‎05-11-2020 06:45 PM

Dear @SutareMayur 

 

Thanks for your guidance, Certificate between IIS and PA is done!

 

From the web browser in the LAN network I can access and see the IP content in the web URL I have configured in ISS.

 

On PA when I create a rule using the EDL from the IIS I got the message as below and cannot verify the content of the EDL as well

 

Screenshot_49.png

 

Screenshot_50.png

 

Do you have any idea please...

0 Likes Likes

Go to solution
tienngo
L2 Linker
In response to SutareMayur

‎05-11-2020 11:03 PM

Hi @SutareMayur 

 

The issue is resolved!

 

Since the log is very clear, I change the URL to access a text file hosted by IIS, everything is good now. It seems for the EDL, PA communicates with the IIS the different way than Minemeld

 

Thank you for your help!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks