External Feed URL Configuration

Reply
Highlighted
L2 Linker

External Feed URL Configuration

hello all,

 

I am looking for configuring my own external feed URL for blocking malicious/blacklisted domains/IP addresses. There are lots for external public feed URLs which includes blacklisted IPs/domains but somehow we do not have control on it. So i am looking to configure something which will be in my control. This is something that i can modify at any point of time.

 

Need your inputs on configuration part.

Tags (3)

Accepted Solutions
Highlighted
L5 Sessionator

Re: External Feed URL Configuration

Hello @Vikashh ,

 

You can configure simple IIS based web page on internal windows server which will be reachable to all your Palo alto gateways. The IIS page can configured on any port. Webpage will include list of IP addresses/domains that you want to make a part of the list. Once WebPage is ready, you can check accessing weburl from your LAN system. If it is properly configured, you should see contents of webpage. 

 

Once WebPage is opening properly, configure it as external feed url under EDL. Make sure it is properly configured. For example, you have configured web page on port 8080 and it is on server 10.10.10.10 then feed url will be like http://10.10.10.10:8080 etc.

 

For IIS configuration part, you can refer below video link.

 

https://www.youtube.com/watch?v=VMyMag9_vmc

 

Hope it works for you!

 

Mayur



Mayur Sutare

View solution in original post

Tags (1)

All Replies
Highlighted
L5 Sessionator

Re: External Feed URL Configuration

Hello @Vikashh ,

 

You can configure simple IIS based web page on internal windows server which will be reachable to all your Palo alto gateways. The IIS page can configured on any port. Webpage will include list of IP addresses/domains that you want to make a part of the list. Once WebPage is ready, you can check accessing weburl from your LAN system. If it is properly configured, you should see contents of webpage. 

 

Once WebPage is opening properly, configure it as external feed url under EDL. Make sure it is properly configured. For example, you have configured web page on port 8080 and it is on server 10.10.10.10 then feed url will be like http://10.10.10.10:8080 etc.

 

For IIS configuration part, you can refer below video link.

 

https://www.youtube.com/watch?v=VMyMag9_vmc

 

Hope it works for you!

 

Mayur



Mayur Sutare

View solution in original post

Tags (1)
Highlighted
L2 Linker

Re: External Feed URL Configuration

Thank you!

I will follow steps and configure same. Just once question, in any case if my windows server goes down then all the IP/domains database flushes from gateway or how it is? If it gets flush then it will be disater.

 

Please give some inputs on this.

Highlighted
L5 Sessionator

Re: External Feed URL Configuration

@Vikashh ,

 

Whatever data is already synced with gateway, it will be as it is with it in any situation till next sync with the feed url. So if your windows server goes down, then data that was sync from feed url before server went down will be with firewall. And Firewall will take actions on it as per policy configured.

 

Mayur



Mayur Sutare
Highlighted
L2 Linker

Re: External Feed URL Configuration

Ok then, thats Great !

 

I have configured web page as per your earlier mail and attached it to the gateway. I was able to see IP details locally on gateway. So far so good!

 

Thank you for your help!

 

Highlighted
L5 Sessionator

Re: External Feed URL Configuration

@VikashhCan you please mark this question as solved please?

 

Mayur



Mayur Sutare
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!