DBL Formatting

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Reply
nbilal
L3 Networker

DBL Formatting

We're having an issue getting firewalls running PANOS 6.1 and 7.0 to consume the DBL's created by Minemeld output nodes. None of the output node URL's end with .txt, which appears to be a requirement according to the live documents below. However, .txt cannot be added to the output node name in Minemeld. Is there some configuration we're missing?

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-Dynamic-Block-List-DBL-...

https://live.paloaltonetworks.com/t5/PAN-OS-7-1-Videos/PAN-OS-7-1-URL-Filtering-Dynamic-Block-List-E...

 

For example, when I point my browser at http://myminemeld/feeds/output_node_name, I am able to display the without issue. However, when I configure a DBL in PANOS 6.1 or 7.0 for that same URL and perform a request system external-list refresh... then request system external-list show... I'll get an error "Server error : external list file not found", which I assume is because PANOS is looking for a .txt.

 

Any ideas? I haven't tried this on PANOS 7.1, as customer will not be moving to that train until we've seen a few more maintenance releases.

Tags (1)
1 ACCEPTED SOLUTION
nbilal
L3 Networker

Oh man! Silly mistake. I've been making configuration changes on Panorama and pushing to the firewall, however, it was overridden locally on the FW so was not taking the changes. I had been copying the URL from the object in the Panorama device-group, not from the local firewall configuration. When logged into the local firewall found that there was an older DBL configured there.

 

Sorry for wasting your time! It's working great now.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!