https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/440866#M99942 <P>Hi Kiwi,</P><P>I've been troubleshooting this for a while now. I did see in the logs it is considering it as a threat whenever the download status reach 85% and it is failing at that point. So, I created a test policy for exclusively to that machine which is trying to upgrade and narrowed the issue down to my file blocking security profile. I have&nbsp;<SPAN>7z, bat, chm, cpl, dll, hlp, hta, jar, msi, ocx, PE, pif, rar, scr, torrent, vbe, wsf file types in the block list at the moment. Now, it is just the matter of finding which exact file type needs to be allowed.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>I have a palo support guy say the same. Trying to get help from Apple support to see what exact file type they need has been a nightmare.&nbsp;</SPAN></P> Thu, 14 Oct 2021 14:52:07 GMT Akhil_B 2021-10-14T14:52:07Z https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/439451#M99823 <P><SPAN>Not able to upgrade macOS. We are trying to upgrade macOS from Catalina to Bigsur. Whenever we try to upgrade it from the app store or download the dmg and install, the installer fails.</SPAN><BR /><BR /><SPAN>But when it is connected to a different network, it goes through without any problem. I wonder if there is something in firewall that needs to be allowed. Please help.</SPAN></P> Thu, 07 Oct 2021 14:56:26 GMT https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/439451#M99823 Akhil_B 2021-10-07T14:56:26Z https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/440803#M99933 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/173136">@Akhil_B</a> ,</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> <DIV data-extension-version="1.0.4">It's difficult to say from the information provided.&nbsp; It could simply be blocked by policy or it could be something more specific like a decription error that's causing the download to fail.</DIV> <DIV data-extension-version="1.0.4">&nbsp;</DIV> <DIV data-extension-version="1.0.4">I'd recommend checking the firewall logs for anything being blocked.&nbsp; Additionally you can check the global counters for drop counters for some pointers.</DIV> <DIV data-extension-version="1.0.4">&nbsp;</DIV> <DIV data-extension-version="1.0.4">Cheers,</DIV> <DIV data-extension-version="1.0.4">-Kiwi.</DIV> Thu, 14 Oct 2021 12:18:37 GMT https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/440803#M99933 kiwi 2021-10-14T12:18:37Z https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/440866#M99942 <P>Hi Kiwi,</P><P>I've been troubleshooting this for a while now. I did see in the logs it is considering it as a threat whenever the download status reach 85% and it is failing at that point. So, I created a test policy for exclusively to that machine which is trying to upgrade and narrowed the issue down to my file blocking security profile. I have&nbsp;<SPAN>7z, bat, chm, cpl, dll, hlp, hta, jar, msi, ocx, PE, pif, rar, scr, torrent, vbe, wsf file types in the block list at the moment. Now, it is just the matter of finding which exact file type needs to be allowed.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>I have a palo support guy say the same. Trying to get help from Apple support to see what exact file type they need has been a nightmare.&nbsp;</SPAN></P> Thu, 14 Oct 2021 14:52:07 GMT https://live.paloaltonetworks.com/t5/general-topics/not-able-to-upgrade-macos/m-p/440866#M99942 Akhil_B 2021-10-14T14:52:07Z