Greetings On PAN-OS 7.1.8 configuring EDL is giving some unexpected results - I have an application based security policie set for my PA management IP addresses to fetch the updates i.e. "paloalto-updates, widlfire, pan-db-cloud, ssl and web-browsing" with service set to application default. No profile actions set to block. After populating the EDL with the lists from http://panwdbl.appspot.com, I went on to one of the added lists and tried "Test Source URL" and the return message was "URL access error". As a test, - Set the service route configuration to use my external interface - "URL access error" - Then created an open policy for the management IP addresses with "any" "any" and the test source URL works returning "source URL is accessbile". Looking at the logs, I noticed the session to start on web-browsing and then move to "google-app-engine" when contacting 216.58.198.244 (panwdbl.appspot.com/lists). So deleted my wide open policy and amended the application based policy by adding "google-app-engine", set my service route back to use the management interface. Commit the configuration and it works. Google-app-engine's default ports are TCP 443 and 80 Looking in to the logs, it uses "google-app-engine" to speak to the website - is this expected behaviour? I find this to be abnormal unless I have missed a very basic point somewhere. Any ideas / thoughts will be helpful. Thanks KP
... View more