10-21-2019 05:13 AM - edited 11-04-2019 06:19 AM
I have setup MineMeld on a VM and it seems to be working correctly but, when I setup the EDL on a PAN firewall and test it, I get a "URL access error" message on the firewall
I have generated CA from Palo alto and i have created a certificate signed by this CA (with CN same of minemeld's hostename).After that, I have uploaded the certificate to minemeld and verified that the change was successful.
I also changed the service route of EDL.
Someone could help me?
I removed FEEDS_AUTH_ENABLED on /opt/minemeld/local/config/api/30-feeds-auth.yml and the EDL is accessible from PA (without authentication) but if i enable it i got the same error.
10-30-2019 10:43 PM
Sometimes this appears to be related to the TLS version configured on your MineMeld web server. For some strange reason, the PAN FW will only make the request to the webserver using TLS 1.0 and nothing higher.
If you see issues where the URL is unavailable or an access error check to see if TLS 1.0 is disabled.
A quick PCAP on. the MGT interface will show you what it's trying to negotiate.
tcpdump filter 'host your_dst_IP'
10-31-2019 06:05 AM
02-07-2020 01:15 AM
You can check TLS version under Minemeld config file.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!