- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Charles_Currier
Here is a little Script that allows you to have a dynamic object based on the AWS
ip-ranges.json file. The object can be updated on a regular interval or run once.
View the Included README for details.
Updated to v3 to resolve proxy bug.
I get this error:
[Expert@TestGW:0]# dyno_aws.sh -o AwsDynObj -a run
Warning, cannot connect to https://ip-ranges.amazonaws.com/ip-ranges.json
[Expert@TestGW:0]# nknown host https://www.ip-ranges.amazonaws.com
No modifications made to the script, running on R77.30 T216.
I am unable to ping that URL either from another trusted source. I can ping the parent domain:
ping amazonaws.com
PING amazonaws.com (72.21.206.80) 56(84) bytes of data.
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=1 ttl=228 time=182 ms
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=2 ttl=228 time=182 ms
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=3 ttl=228 time=182 ms
Also, is it possible to poll a different URL, and use the results to update the dynamic object?
Charles_Currier
I just tested the default URL and it works correctly - Please check your DNS Settings.
If you want to see more details look at the log file $FWDIR/log/dyno_aws.log.
The README file documents how to run the script and yes you can define a different URL or a local file.
A local file example would be : "dyno_aws.sh -o AwsDynObj -a on -f /home/admin/ip-ranges.json"
A url example is " dyno_aws.sh -o AwsDynObj -a on -u https://ip-ranges.amazonaws.com/ip-ranges.json"
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY