EDL Fetch Failing after changing the service route

EDL Fetch Failing after changing the service route

11587
Created On 02/14/19 20:51 PM - Last Modified 10/22/19 01:55 AM


Symptom


After changing the service route, EDL (External Dynamic List) fetch fails with message "Unable to fetch external dynamic list. Timeout was reached."

Environment


  • PANOS-8.1.
  • Palo Alto Firewall.
  • EDL configured.

Cause


Service Route for External Dynamic Lists was set to Use Default,  when the EDL was reachable via the management interface.

Resolution


When EDL is configured, the actual interface to be used for EDL is determined as follows.
  1.   If External Dynamic Lists service route is set, then use this configured interface to fetch the EDL list.
  2.   If External Dynamic Lists is not set and if Palo Alto Networks Services has a service route set, then use it for fetching the EDL list.
  3.   If both External Dynamic Lists and Palo Alto Networks Services service routes are not set, then use MGT interface to fetch the EDL.
Based on the above, configure the correct interface to be used for EDL using  GUI: Device > Setup > Services > Services Feature > Service Route Configuration.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmqFCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail