Brightcloud connection error

Reply
Not applicable

Brightcloud connection error

I have a PA-500 that is receiving the error of:

opaque: Failed to connect to Brightcloud update server service.brightcloud.com, initiated by 192.168.75.30

eventid: connection-failure


There seems to be no connectivity issues to URLs for the users. Just this sys log being generated. The updates are set to every morning at 3:00am and work perfectly fine. It's just during production hours that this message is received. I think it is due to limits in the device. When I looked at the traffic on the device there is no traffic dropped when the log occurs. When I looked at all the KBs they all talk about errors that occur in not getting the update at all. Does anyone know how I can set up the firewall to no longer receive this message, or should I just clear the URL Cache?


Thanks

Tags (2)
Highlighted
L7 Applicator

Re: Brightcloud connection error

Hello Jprices,

I'd like to suggest to check with BrightCloud about the issue and need to verify if an outage at BrightCloud today had. Could you please run below mentioned command while trying to download BrightCloud database.

> tail follow yes mp-log pan_bc_download.log

Also try to verify the reachability to the BrightCLoud server from PAN firewall.

Highlighted
Not applicable

Re: Brightcloud connection error

Thanks Hulk,

Unfortunately I did that and it showed the I have the most up to date BC download. I still see the issue being presented in the system logs and I can't notice a pattern in the traffic logs. Do you know how I can contact Brightcloud to see if they know about possible connectivity issues during production with PA-500's.

Highlighted
L1 Bithead

Re: Brightcloud connection error

I'm experiencing the same issue with my PA-2050s.  I recently upgraded them to 5.0.11 last week so I'm not sure if it's a coincidence or not.

Highlighted
L7 Applicator

Re: Brightcloud connection error

Recently Brightcloud made a change in their  DNS system , now we get only one best IP for service.brightcloud.com.

Also the Error: Failed to connect to 'service.brightcloud.com' => The cause is unknown. We need packet capture.

Highlighted
L1 Bithead

Re: Brightcloud connection error

I get this message frequently too.  I think it happens every day, yet all of the signatures and databases are up to date when I look at it.

Highlighted
Not applicable

Re: Brightcloud connection error

I am now receiving the same message with a different PA-500. Does anyone know if Palo Alto is having issues with lower models due to URL cache space?

Highlighted
L5 Sessionator

Re: Brightcloud connection error

Hi everyone,

For those of you that are receiving this error, can you please verify that you're only seeing this error in the logs but are not experiencing any issues with the daily database update or any other connectivity errors?  During the time that you see this error, are any of you seeing category "not-resolved" in the URL filtering logs?

Thanks,

Doris

Highlighted
Not applicable

Re: Brightcloud connection error

Doris,

Sorry I meant to mention. The update that is scheduled is working fine, without any issues. It is just during the day that I get this error messages. I have nothing in the URL filtering for "not-resolved".

Thanks,

Joseph

Highlighted
L1 Bithead

Re: Brightcloud connection error

jprice2 wrote:

Doris,

Sorry I meant to mention. The update that is scheduled is working fine, without any issues. It is just during the day that I get this error messages. I have nothing in the URL filtering for "not-resolved".

Thanks,

Joseph

Same here.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!