ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
I have setup MineMeld on a VM and it seems to be working correctly but, when I setup the EDL on a PAN firewall and test it, I get a "URL access error" message on the firewall
I have generated CA from Palo alto and i have created a certificate signed by this CA (with CN same of minemeld's hostename).After that, I have uploaded the certificate to minemeld and verified that the change was successful.
I also changed the service route of EDL.
Someone could help me?
I removed FEEDS_AUTH_ENABLED on /opt/minemeld/local/config/api/30-feeds-auth.yml and the EDL is accessible from PA (without authentication) but if i enable it i got the same error.
Sometimes this appears to be related to the TLS version configured on your MineMeld web server. For some strange reason, the PAN FW will only make the request to the webserver using TLS 1.0 and nothing higher.
If you see issues where the URL is unavailable or an access error check to see if TLS 1.0 is disabled.
A quick PCAP on. the MGT interface will show you what it's trying to negotiate.
tcpdump filter 'host your_dst_IP'
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!