Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
01-30-2023 02:23 PM
Hi @Ariq_Aziz ,
Just to clarify what you want to achieve - you want to use EDL (external dynamic list) of IP addresses that firewall will use in security rule?
Importing/adding addresses from file is little different from using EDL. If you expect the contect of this json file to be static you can create all of the addresses as static objects and add them to static group and use it in rule.
I assume you want to use the link to the json file as EDL, so when vendor updates this file (add, remove or modifies and address) you firewall rule to be updated automatically.
Unfortunately Palo Alto expect EDL to be formatted in very specific format. You can check details here - https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-pol...
So you cannot tell the firewall to consume the json file directly. You will need to parse the JSON with another system - external for the firewall. Then the output of the parsed data to be consumed by the firewall.
