I am getting a daily notification that states that Failed to check Antivirus content upgrade info due to generic communication error . I have a HA Active/Passive set up on my network. The Active is connecting to updates.paloaltonetworks.com fine and is getting the most recent verison, and there is a Green Dot that connection is okay from the Management Interface. I believe however, that the alerts are being sent out from the Passive device for some reason even though the two devices are connected together fine. Any help on how to verify that things are okay on the cluster, and how to stop these Alerts from being sent?
If the firewalls are configured to use an L3 interface to go out for updates (Device > Setup > Services tab > Service Route Configuration), the default setting for the passive L3 interfaces is to be down. This setting allows them to become active during a failure of the primary and ARP for the shared IP.
The management interface is still up even when a device is in the passive state, so if the service route is configured to use that interface and you can configure a route on the connected devices to allow Internet access from that interface you should be able to eliminate those messages.
You could also disable antivirus checking on the passive unit ensuring that the active syncs it, but that would stop updates if a failure happened.
Hope this helps,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!