Log in to the Palo Alto device.
Navigate to Objects >> External Dynamic Lists.
Create a new external dynamic list by clicking the Add button at the bottom of the page.
The following dialog box will appear. Fill in the EDL name.
Select the Type as IP List, enter the URL of the list in Source, select the refresh interval under Check for updates, and test the source URL.
The hosted URL must be reachable from the Palo Alto firewall. During the test, the following message should be seen.
If you encounter the following error, check that the URL is reachable from the firewall. Check whether the URL is blocked by any policies before proceeding.
Once the URL test is successful, commit. You won't see the list entries before committing. Once the commit is completed, the list of IPs is displayed under List Entries. You can manually add entries from the list to the exceptions list to avoid blocking some IPs.
Once the list is visible in the entries, create a policy to block the list under Policies >> Security.
Once the policy is created, commit to apply the policy.
To check whether the policy is working, you can manually add your IP list and check.
Notes: You can host the IP list at any public or internal URL, as long as it is accessible from the firewall.
You can create a public URL for an IP list on GitHub for free.
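A pre-publish check for the hosted IP list, as an added example that is not part of the original page: it flags malformed lines and entries that overlap networks you would otherwise have to put in the exceptions list. It assumes one entry per line (single address, CIDR subnet, or start-end range); `SAMPLE_FEED`, `PROTECTED` and the `#` comment handling are conventions of this script, not PAN-OS settings.

```python
import ipaddress

# Constructed sample feed using documentation address ranges (not a real blocklist).
SAMPLE_FEED = """\
# constructed sample
203.0.113.10
198.51.100.0/24
192.0.2.5-192.0.2.20
10.1.1.0/24
not-an-ip
203.0.113.10
"""

# Assumption: networks you never want blocked (e.g. your own management subnet).
PROTECTED = ["10.1.1.0/24"]

def parse_entry(entry):
    """Return the networks an entry covers; raise ValueError if it is malformed."""
    if "-" in entry:  # start-end range
        start, end = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if start.version != end.version or start > end:
            raise ValueError(entry)
        return list(ipaddress.summarize_address_range(start, end))
    return [ipaddress.ip_network(entry, strict=False)]  # single address or CIDR

def check_feed(text, protected):
    """Split a feed into (valid, invalid, overlaps_protected)."""
    guard = [ipaddress.ip_network(p) for p in protected]
    valid, invalid, overlaps, seen = [], [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # this script treats '#' as a comment
        if not entry or entry in seen:        # skip blanks and duplicates
            continue
        seen.add(entry)
        try:
            nets = parse_entry(entry)
        except ValueError:
            invalid.append((lineno, entry))
            continue
        hit = any(n.version == g.version and n.overlaps(g) for n in nets for g in guard)
        (overlaps if hit else valid).append(entry)
    return valid, invalid, overlaps

if __name__ == "__main__":
    valid, invalid, overlaps = check_feed(SAMPLE_FEED, PROTECTED)
    print("publish:", valid)
    print("malformed (line, text):", invalid)
    print("overlaps protected networks:", overlaps)
```

Entries reported as overlapping should be removed from the hosted file or added to the EDL exceptions before the block policy is committed.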