Cannot update software since upgrading to 4.1

Reply
Highlighted
L2 Linker

Cannot update software since upgrading to 4.1

Hello all,

I recently upgraded to the 4.1 OS from 4.0.1. The firewall settings are fine but for some reason whenever the firewall tries to download any new software like 4.1.1, GlobalProtect, Dynamic Updates it keeps getting the error "Failed due to network failure".

I have checked and made sure that the Managment Interface is not being blocked by URL or Security policies. I even see successful connections to update server but the error still keeps coming up.

Any thoughts?

Regards

Stephen

L6 Presenter

Re: Cannot update software since upgrading to 4.1

From the CLI, test by issuing command 'ping host updates.paloaltonetworks.com'.

Also when you go into Dynamic Updates and Software, do you get any error when you click on 'Check Now' button?

L2 Linker

Re: Cannot update software since upgrading to 4.1

I can ping successfully from CLI and I get the same error when I manually press Check Now for any download.

L6 Presenter

Re: Cannot update software since upgrading to 4.1

Can you doublecheck the device's mgmt setting to ensure the update location is pointing to updates.paloaltonetworks.com?

L2 Linker

Re: Cannot update software since upgrading to 4.1

Just to be specific it is in the Operations tab in the Setup section of the Device. The Update server is indeed 'updates.paloaltonetworks.com'

L6 Presenter

Re: Cannot update software since upgrading to 4.1

Configuration appears to be fine.  You may want to check again to see if the traffic is being blocked upstream.  I would suggest collecting a pcap and see.

Thanks.

Not applicable

Re: Cannot update software since upgrading to 4.1

Hello,

I've been dealing with this same issue as well. It started with 4.1 for me too.

I can log into the firewall, and force it to update. But sometimes even then it gets stuck, and I have to log into the CLI and cancel the job.

Here's the email error message I get.

SYSTEM ALERT : high : Failed to check Content content upgrade info due to generic communication error

domain: 1
receive_time: 2012/01/17 13:14:20
serial: xxxxxxxxx
seqno: 11896
actionflags: 0x0
type: SYSTEM
subtype: general
config_ver: 0
time_generated: 2012/01/17 13:14:20
vsys:
eventid: general
object:
fmt: 0
id: 0
module: general
severity: high
opaque: Failed to check Content content upgrade info due to generic communication error

L4 Transporter

Re: Cannot update software since upgrading to 4.1

I am seeing similiar effects (4.1.1).  I noticed today that an auto scheduled AV download was at 30% for more than a week now.  Which must of been effecting the threat content download from starting.  URL updates are up to date though.  The particular date of over a week ago was also when I found the AV download stuck the first time.  After killing the job - I can perform a manual download/install.  Seems to happen during the auto scheduled download.  

Cheers,

Mike

Not applicable

Re: Cannot update software since upgrading to 4.1

Has there been any update on this? There is more then one person reporting the issue now. I'm still getting the same error message I reported in my previous post.

Thanks,

Daniel

L6 Presenter

Re: Cannot update software since upgrading to 4.1

Please contact Support to open a case so that we can diagnose & have this issue track.  Thanks.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!