cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

Hi @Ariq_Aziz ,

Just to clarify what you want to achieve - you want to use EDL (external dynamic list) of IP addresses that firewall will use in security rule?

 

Importing/adding addresses from file is little different from using EDL. If you expect the contect of this json file to be static you can create all of the addresses as static objects and add them to static group and use it in rule.

 

I assume you want to use the link to the json file as EDL, so when vendor updates this file (add, remove or modifies and address) you firewall rule to be updated automatically.

 

Unfortunately Palo Alto expect EDL to be formatted in very specific format. You can check details here - https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-pol...

So you cannot tell the firewall to consume the json file directly. You will need to parse the JSON with another system - external for the firewall. Then the output of the parsed data to be consumed by the firewall.

 

 

View solution in original post

Who rated this post